Developer Posted October 25, 2007 Share Posted October 25, 2007 Hello,I wanted to suggest a new feature to detect multiple accounts regsitered from the same PC.The feature may be implemented similar way.Is it possible to do something like that for IPB and will you consider it? Link to comment Share on other sites More sharing options...
bfarber Posted October 25, 2007 Share Posted October 25, 2007 Cookies are easily cleared. Perhaps this would work well for "novices" but I'm thinking largely that those you'd want to detect would be able to get around it, no? Link to comment Share on other sites More sharing options...
Developer Posted October 25, 2007 Share Posted October 25, 2007 Advanced users can get around anyway,no matter what we innovate,but at least to stop novices..that coul be useful :) Link to comment Share on other sites More sharing options...
Luke Posted October 26, 2007 Share Posted October 26, 2007 I'm gonna have to agree with this suggestion... Most posters who use multiple accounts to have a conversation with themselves are younger members, and they aren't going to think about it being tracked like that.Of course sometimes you can determine this by IP address and times posted, but you don't always know for sure. This would add extra insurance if they were to not delete the cookie. Link to comment Share on other sites More sharing options...
sunrisecc Posted October 26, 2007 Share Posted October 26, 2007 What about members who must use proxies and/or shared computers? Link to comment Share on other sites More sharing options...
bfarber Posted October 26, 2007 Share Posted October 26, 2007 What about members who must use proxies and/or shared computers?i.e. a library/school computer Link to comment Share on other sites More sharing options...
Jason H Posted October 26, 2007 Share Posted October 26, 2007 Yeah.. This is a bad idea. It's almost bad enough that we track by IP address, because people WANT to do stuff like this.. And noone ever thinks of the legitimate reasons WHY two people could be using the same IP. Additionally, it takes all of a minute to change the MAC address of my router, which causes a new IP to be pulled for my machine. Then I can just change the MAC back and be on my old IP.. I can post 9 messages from 9 IPs in about 9 minutes. Fine for a mod.. But I don't see it being built-in. Link to comment Share on other sites More sharing options...
sunrisecc Posted October 26, 2007 Share Posted October 26, 2007 I forgot to add that there are still many users who have to use dial-up. I can also change my IP address simply by resetting my modem since I am using the phone line versus being on cable. Link to comment Share on other sites More sharing options...
Luke Posted October 26, 2007 Share Posted October 26, 2007 What does it matter? If it doesn't work, then it isn't any different than not having it at all. But if it does work, it gives you a little more to go on. And not everyone is bright enough to change their IP address. This method would work very well with kid posters. They're the most likely to do this anyway. Link to comment Share on other sites More sharing options...
bfarber Posted October 26, 2007 Share Posted October 26, 2007 It comes down to amount of time to develop vs effectiveness.How many people would actually use this?How effective is it really?Those are the real questions that need to be answeredSo far I see voiced support from 2 people Link to comment Share on other sites More sharing options...
Jason H Posted October 26, 2007 Share Posted October 26, 2007 Third point... How many people would use it improperly? I really do see a large number of tickets where people want to know how to delete all users who have multiple accounts. When you ask how they know they have multiple accounts, they say by IP address... Then you point out NAT and AOL and other ISPs that share IP addresses, and they never took that into consideration. The tools to do this, in reality, already exist through the IP Tools. It's more difficult than a 'delete mutliple IPs' button or something like that, but I think that's a good thing. Link to comment Share on other sites More sharing options...
Developer Posted October 26, 2007 Share Posted October 26, 2007 It comes down to amount of time to develop vs effectiveness.How many people would actually use this?How effective is it really?Those are the real questions that need to be answeredSo far I see voiced support from 2 peopleHow many people would actually use this?Many,almost any board has ever had similar problem.How effective is it really?Thats the question you should ask i guess :) Link to comment Share on other sites More sharing options...
The Clash Posted October 26, 2007 Share Posted October 26, 2007 I wouldn't use it at all. Personally, I remember back when I was using dial-up...I'd visit a forum and every once in a while get an access denied IP banned message, and have to reset my modem. I'd never want to do that to anyone. :\ Link to comment Share on other sites More sharing options...
Vitaly Posted October 29, 2007 Share Posted October 29, 2007 Cookies tracking is a nice way to start. It whould solve 90% of my problems. Just count: 10 times less :)To be safe, it's god not to autoblock account, but just log suspitious.Cookes are more effective aginst dialup connections, that IP tracking. Link to comment Share on other sites More sharing options...
Developer Posted October 29, 2007 Share Posted October 29, 2007 Just logging is my suggestion too. Link to comment Share on other sites More sharing options...
zaoka Posted October 29, 2007 Share Posted October 29, 2007 Well, I just cought one manually. He registered with 3 different accounts and was complaining that somebody deleting only his posts..I think it would be better idea to add ability to block known proxy servers (with update feature).. Link to comment Share on other sites More sharing options...
Developer Posted October 29, 2007 Share Posted October 29, 2007 There are tens,probably even hundreds of new proxyies created daily,that one will rarely work out and also some should be updating those lists. Link to comment Share on other sites More sharing options...
atomicknight Posted October 30, 2007 Share Posted October 30, 2007 Not to mention that it's horribly easy to write a proxy script given a server with PHP and the proper extensions (or any one of a whole list of other setups even). It's a start though. Link to comment Share on other sites More sharing options...
Luke Posted October 30, 2007 Share Posted October 30, 2007 Third point... How many people would use it improperly? I really do see a large number of tickets where people want to know how to delete all users who have multiple accounts. When you ask how they know they have multiple accounts, they say by IP address... Then you point out NAT and AOL and other ISPs that share IP addresses, and they never took that into consideration. The tools to do this, in reality, already exist through the IP Tools. It's more difficult than a 'delete mutliple IPs' button or something like that, but I think that's a good thing.Well you see it's almost impossible to detect multiple registrations from the same person when they change their IP address, especially with AOL and dial up, and some DSL companies that change it every 2-4 days. That's why you store previous used user id's into a cookie and store these under the currently logged into account.For younger people trying to be a pest, this would help because not all of them know about or think about clearing their cookies. As far as they know clearing their cookies is a way of logging them out. They wouldn't think about it being used for tracking.Also there are some cases where some people forget their old account and the username they used before. In cases where not much time has passed and they simply logged out, a persistent cookie would help the admins locate previously used accounts for that user, and restore them to their old account.It's really just for informational purposes... Shouldn't be used for a 'delete all'.Another suggestion: Not sure if this is in already, but a feature to merge member accounts together would be useful. When a merge is activated, it would call that sync script in the modules directory (if it still exists) so other non-standard-IPB with member ids tables can be merged as well. Link to comment Share on other sites More sharing options...
Louis M. Posted October 30, 2007 Share Posted October 30, 2007 I really don't know how I feel on this. I have only had a few minor issues with members on my forums (a WoW Guild). I can see the need for tracking but due to IPs changing so frequently and the volatility of cookies I don't know how much more you can do. I just don't see cookies as a valid solution. It isn't secure enough for what you want to accomplish. Link to comment Share on other sites More sharing options...
SecondSight Posted October 31, 2007 Share Posted October 31, 2007 Hello ! :) I check every new account, to find multiple accounts, but not only that. I spend some time doing this, and I'm sure I don't find all members who have mutiple accounts. I would like this tool to be created to make things easier and faster, and I would also like some other options added to it.I check all registrations and :1/ If I find a member who already has an account :I send him an e-mail asking why he creates a new one, asking if the existing account belongs to him, and I don't validate the new account until I get an answer. If I get no answer, I delete the account.The reason for creating a new account is generally that :- they have changed their e-mail address, didn't update it on the board, then forgot their password and can no longer receive the the e-mail to create a new password.- sometimes, they have forgotten both password and login...- since all accounts must be validated by the admin on my board, some people who don't read anything, don't understand why their account doesn't work and create new ones (but these account are easily found since I check all registrations).2/ If the user is'nt from my country :I also check if the user is a foreigner or not ( I look at the e-mail, ISP, IP, name,...). For instance, if he is from Russia, or China, or the USA, I don't validate the account and send him an e-mail asking him to tell me why he wants to register on my board (it's a board for primary school teachers). If there is no answer, or if the answer is bizar, I delete the account.Generally, I find that these accounts are created by teachers from my country who live in a foreign country. Then I validate their account, but I also fear hackers and spammers.So, I would like to see a multiple account tool created, but I also would like a tool to easily send a ready-made e-mail to those members who appear to have already created an account.Perhaps this would work well for "novices" but I'm thinking largely that those you'd want to detect would be able to get around it, no?As for me, nearly all my board's members are novices who don't even know what a cookie or an IP adress is...Advanced users can get around anyway,no matter what we innovate,but at least to stop novices..that coul be useful :)I don't know about other boards, but on my board, there are very few advanced users.What about members who must use proxies and/or shared computers?On my board, very few know what a proxy is.Some people create another account on a shared computer, but in the end we manage to find them.because people WANT to do stuff like this..As for me, nearly all my board's members don't think about having multiple accounts : they work all day long and are tired in the evening, so they don't think about creating multiple accounts.But there are also the members who have mental problems and are/can be dangerous : they create multiple accounts to try to meet people in real life, in order to steal them or do harm to them, etc.Additionally, it takes all of a minute to change the MAC address of my router,Nearly all people don't even know what a MAC adress is.It comes down to amount of time to develop vs effectiveness.How many people would actually use this?How effective is it really?I do agree. Link to comment Share on other sites More sharing options...
Developer Posted November 1, 2007 Share Posted November 1, 2007 How about these solutions ?1)Add custom field in user profile with Registered using proxy server "yes" "no"2)Users which used proxy servers while using board(similar to the list of IPs which board holds for users) Link to comment Share on other sites More sharing options...
sunrisecc Posted November 1, 2007 Share Posted November 1, 2007 Not all members know when they are using a proxy. In addition, some of members access my board from both work and also home using different providers. One provider can use a proxy and the other does not.I also have a sizable numbers of members who use my board while travelling.If the check for duplicate IPs is important enough for you and you do not want to check it manually, then make use of the Duplicate IP mod available elsewhere. Link to comment Share on other sites More sharing options...
Developer Posted November 1, 2007 Share Posted November 1, 2007 Its not about duplicate IP but proxy or not.If your members using proxy and and no proxy to login but both IPs are from the same country then thats possible normal user,but when someone use proxy server in one country and then login from IP from another country and so on ? Link to comment Share on other sites More sharing options...
sunrisecc Posted November 1, 2007 Share Posted November 1, 2007 What about my AOL users who can use a proxy in the USA or in Canada even within one session? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.