Jump to content

Multiple account login detector

Guest Developer

By Guest Developer
in Feedback

Recommended Posts

Luke Mentor

Luke

Posted
Posted

I'm gonna have to agree with this suggestion... Most posters who use multiple accounts to have a conversation with themselves are younger members, and they aren't going to think about it being tracked like that.

Of course sometimes you can determine this by IP address and times posted, but you don't always know for sure. This would add extra insurance if they were to not delete the cookie.

Link to comment
Share on other sites
Jason H Grand Master

Jason H

Posted
Posted

Yeah.. This is a bad idea. It's almost bad enough that we track by IP address, because people WANT to do stuff like this.. And noone ever thinks of the legitimate reasons WHY two people could be using the same IP.

Additionally, it takes all of a minute to change the MAC address of my router, which causes a new IP to be pulled for my machine. Then I can just change the MAC back and be on my old IP.. I can post 9 messages from 9 IPs in about 9 minutes.

Fine for a mod.. But I don't see it being built-in.

Link to comment
Share on other sites
Luke Mentor

Luke

Posted
Posted

What does it matter? If it doesn't work, then it isn't any different than not having it at all. But if it does work, it gives you a little more to go on. And not everyone is bright enough to change their IP address. This method would work very well with kid posters. They're the most likely to do this anyway.

Link to comment
Share on other sites
Jason H Grand Master

Jason H

Posted
Posted

Third point... How many people would use it improperly?

I really do see a large number of tickets where people want to know how to delete all users who have multiple accounts. When you ask how they know they have multiple accounts, they say by IP address... Then you point out NAT and AOL and other ISPs that share IP addresses, and they never took that into consideration.

The tools to do this, in reality, already exist through the IP Tools. It's more difficult than a 'delete mutliple IPs' button or something like that, but I think that's a good thing.

Link to comment
Share on other sites
Developer Apprentice

Developer

Posted
Posted

It comes down to amount of time to develop vs effectiveness.



How many people would actually use this?


How effective is it really?



Those are the real questions that need to be answered



So far I see voiced support from 2 people



How many people would actually use this?
Many,almost any board has ever had similar problem.
How effective is it really?
Thats the question you should ask i guess :)
Link to comment
Share on other sites
Vitaly Enthusiast

Vitaly

Posted
Posted

Cookies tracking is a nice way to start. It whould solve 90% of my problems. Just count: 10 times less :)

To be safe, it's god not to autoblock account, but just log suspitious.

Cookes are more effective aginst dialup connections, that IP tracking.

Link to comment
Share on other sites
zaoka Newbie

zaoka

Posted
Posted

Well, I just cought one manually. He registered with 3 different accounts and was complaining that somebody deleting only his posts..

I think it would be better idea to add ability to block known proxy servers (with update feature)..

Link to comment
Share on other sites
Luke Mentor

Luke

Posted
Posted

Third point... How many people would use it improperly?



I really do see a large number of tickets where people want to know how to delete all users who have multiple accounts. When you ask how they know they have multiple accounts, they say by IP address... Then you point out NAT and AOL and other ISPs that share IP addresses, and they never took that into consideration.



The tools to do this, in reality, already exist through the IP Tools. It's more difficult than a 'delete mutliple IPs' button or something like that, but I think that's a good thing.



Well you see it's almost impossible to detect multiple registrations from the same person when they change their IP address, especially with AOL and dial up, and some DSL companies that change it every 2-4 days. That's why you store previous used user id's into a cookie and store these under the currently logged into account.

For younger people trying to be a pest, this would help because not all of them know about or think about clearing their cookies. As far as they know clearing their cookies is a way of logging them out. They wouldn't think about it being used for tracking.

Also there are some cases where some people forget their old account and the username they used before. In cases where not much time has passed and they simply logged out, a persistent cookie would help the admins locate previously used accounts for that user, and restore them to their old account.

It's really just for informational purposes... Shouldn't be used for a 'delete all'.

Another suggestion: Not sure if this is in already, but a feature to merge member accounts together would be useful. When a merge is activated, it would call that sync script in the modules directory (if it still exists) so other non-standard-IPB with member ids tables can be merged as well.
Link to comment
Share on other sites
Louis M. Rookie

Louis M.

Posted
Posted

I really don't know how I feel on this. I have only had a few minor issues with members on my forums (a WoW Guild). I can see the need for tracking but due to IPs changing so frequently and the volatility of cookies I don't know how much more you can do. I just don't see cookies as a valid solution. It isn't secure enough for what you want to accomplish.

Link to comment
Share on other sites
SecondSight Proficient

SecondSight

Posted
Posted

Hello ! :)

I check every new account, to find multiple accounts, but not only that.

I spend some time doing this, and I'm sure I don't find all members who have mutiple accounts. I would like this tool to be created to make things easier and faster, and I would also like some other options added to it.

I check all registrations and :

1/ If I find a member who already has an account :
I send him an e-mail asking why he creates a new one, asking if the existing account belongs to him, and I don't validate the new account until I get an answer. If I get no answer, I delete the account.

The reason for creating a new account is generally that :
- they have changed their e-mail address, didn't update it on the board, then forgot their password and can no longer receive the the e-mail to create a new password.
- sometimes, they have forgotten both password and login...
- since all accounts must be validated by the admin on my board, some people who don't read anything, don't understand why their account doesn't work and create new ones (but these account are easily found since I check all registrations).

2/ If the user is'nt from my country :
I also check if the user is a foreigner or not ( I look at the e-mail, ISP, IP, name,...). For instance, if he is from Russia, or China, or the USA, I don't validate the account and send him an e-mail asking him to tell me why he wants to register on my board (it's a board for primary school teachers). If there is no answer, or if the answer is bizar, I delete the account.
Generally, I find that these accounts are created by teachers from my country who live in a foreign country. Then I validate their account, but I also fear hackers and spammers.

So, I would like to see a multiple account tool created, but I also would like a tool to easily send a ready-made e-mail to those members who appear to have already created an account.

Perhaps this would work well for "novices" but I'm thinking largely that those you'd want to detect would be able to get around it, no?


As for me, nearly all my board's members are novices who don't even know what a cookie or an IP adress is...

Advanced users can get around anyway,no matter what we innovate,but at least to stop novices..that coul be useful :)


I don't know about other boards, but on my board, there are very few advanced users.

What about members who must use proxies and/or shared computers?


On my board, very few know what a proxy is.
Some people create another account on a shared computer, but in the end we manage to find them.

because people WANT to do stuff like this..


As for me, nearly all my board's members don't think about having multiple accounts : they work all day long and are tired in the evening, so they don't think about creating multiple accounts.
But there are also the members who have mental problems and are/can be dangerous : they create multiple accounts to try to meet people in real life, in order to steal them or do harm to them, etc.

Additionally, it takes all of a minute to change the MAC address of my router,


Nearly all people don't even know what a MAC adress is.

It comes down to amount of time to develop vs effectiveness.



How many people would actually use this?


How effective is it really?


I do agree.
Link to comment
Share on other sites
sunrisecc Mentor

sunrisecc

Posted
Posted

Not all members know when they are using a proxy. In addition, some of members access my board from both work and also home using different providers. One provider can use a proxy and the other does not.
I also have a sizable numbers of members who use my board while travelling.

If the check for duplicate IPs is important enough for you and you do not want to check it manually, then make use of the Duplicate IP mod available elsewhere.

Link to comment
Share on other sites
Developer Apprentice

Developer

Posted
Posted

Its not about duplicate IP but proxy or not.
If your members using proxy and and no proxy to login but both IPs are from the same country then thats possible normal user,but when someone use proxy server in one country and then login from IP from another country and so on ?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...