How about a built-in duplicate user detector?

[Morgin]

18 hours ago, Morrigan said:

The point is that some people will use a hammer for an electrical problem if they think that’s what they should do.

I’m not sure features should be dismissed because you worry some admins would use them in ways you disapprove of though. 

Duplicate users are a huge problem for my site. We have a very strict one account per person rule because of the nature of the content and that people sometimes want get the benefit of saying stuff not tied to their main account. I have a large mod team and we’ve had years long discussions about what works for our community and for us, one account per person is the best solution. We have very minimal instances, again given the nature of the site, that there would be multiple family members on the same computer or device. 

What we do have are lots of people who don’t agree with the community rules and make a point of signing up multiple accounts knowing it will take us a little bit of time to figure it out. Usually it becomes obvious after a bit of time with someone jumping right in and there are common tells in posting style, but having something to flag “hey, this person has logged in under another account on this device“ would be a huge help. 

Agree with all of the above on why it should also be a core feature - being part of the moderation toolkit and workflow would be ideal. It needs to be part of core to have that ultimate functionality. 

[Morrigan]

I understand why it could be helpful to you and a few other people but I reiterate the fact that "if someone wants to get around the rules they will find a way".

I feel like this conversation is getting circular so instead of reiterating everything again I'll just politely leave the conversation with the last comment that I don't think something like this needs to be core. Its a niche need (primarily for gaming communities that have a ton of trolls) which isn't a common occurrence among the mass amounts of communities out there.

[Morgin]

16 minutes ago, Morrigan said:

Its a niche need (primarily for gaming communities that have a ton of trolls)

I run an education/academic community, so I’m not sure how accurate that is. It’s not trolls persay that are the problem for us, it’s people wanting to try out different opinions or perspectives and see the responses. Or people trying to deviously show support for their original comment. It’s not trying to specifically troll the site, they just don’t understand how toxic that behavior can be to a community. 

You’ll never stop everyone, but the goal should not be perfect detection, just another piece of data to help make informed moderation decisions. 

[Aiwa]

It’s a reasonable request, hence why there is a 3rd party app to meet this need. I agree that it is a niche need, though. There are likely tens of thousands of communities out there, not all of which visit the MP. THANK YOU FOR 4.5 ACP MP!! ... How many have purchased the 3rd party app up till now? Likely no more than a few hundred. IMO, those #’s qualify as niche. 

[Pavel Chernitsky]

7 hours ago, Morrigan said:

(primarily for gaming communities that have a ton of trolls) which isn't a common occurrence among the mass amounts of communities out there.

I'm sorry, but that's just a ridiculous statement... firstly because I'm running an automotive community, secondly because I myself dabble in gaming a bit and know for a fact there are no more "gamer" trolls than any other random kind, and lastly because the tendency to troll has nothing to do with one's hobbies, and everything to do with their nature, mentality and upbringing. 

Also, you don't have to agree with the need for anything, but dumbing it down to basically "It shouldn't be a core part because some admins are dumb and will ban family members using the same computer, and gamer trolls will find a way to bypass it" is actually pretty insulting to me. should we not have any way to enforce rules or laws just because some people find ways around them? Should we ban the selling of kitchen knives because a moron once stabbed himself in foot with it? that's a very simplistic and "turn the other cheek" kind of thinking if I'm being honest. I think admins should be given the maximum amount of tools to help them deal with "law breakers" and make their jobs at keeping the communities they are in charge with as much within the communities guidelines as possible.

 

4 hours ago, Aiwa said:

How many have purchased the 3rd party app up till now? Likely no more than a few hundred. IMO, those #’s qualify as niche. 

I get what you're saying, that is an easy metric to look at, but I don't think it's the only - or even the best - one to consider.

firstly, because that plugin is fairly expensive as far as marketplace plugins go for small one-man-show communities, and for larger communities who have an in-house dev (or dev team), they'll just have them write a similar plugin that perfectly fits the community's needs. Secondly, I'd say there are a fair few admins who just don't think of that option, I haven't until we've installed it on the previous forum software we used...

Also, when I say "niche" I don't mean "small numbers" but "small role. If we're looking at it conceptually, a duplicate user detector is - as I see it - the basis for the community's entire rules/warning system, and you got to agree that's a pretty important chunk of the system (or of a community in general, virtual or IRL). When you don't have a way to enforce the "punishments" you've given, why give them at all?

[Aiwa]

17 hours ago, Pavel Chernitsky said:

I get what you're saying, that is an easy metric to look at, but I don't think it's the only - or even the best - one to consider.

Fair point... There is more than one way to skin a cat. 

[Chippy365]

On 6/24/2020 at 9:01 PM, Pavel Chernitsky said:

Banning, blocking and moderating problematic users is all well and good, but if the user decides to open a new account and the site's admins can't detect it as a duplicate, all those tools are pretty useless.

I saw that through the years there have been a few plugins developed by the community, but I think that this should be a built-in integral functionality of the suite. Also the plugins are currently not available for purchase so I'm salty 😄 

What do you guys think? Should we have a built-in tool to help us find and intercept trolls and toxic users? Especially given how fairly simple is should be to implement (makes a cookie and then checks for it).

As an administrator of a fairly rowdy old school community I can tell you that such a tool would not help as much as you think.

1. IP Addresses can be avoided by going through a VPN (Or simply using their mobile phone network).
2. Cookies can be deleted and under GDPR users have to accept cookies being placed on their computer which gives the game away a little.

The way we approach it is that all new user accounts have to be validated by email address and approved by an administrator. There is a little tool in the Mod CP (which should be more widely publicised) that can let you see if the IP address matches that of anyone else in your community. This is an indicator but of course, not conclusive.

While I agree that it would be nice for IPB to notify you if a user has "links" to another user, they would also need to make it clear that it is not conclusive and is more for information than anything. It won't stop anyone who is even remotely technically aware and determined. It would simply be a tool to catch the low hanging fruit.

[Pavel Chernitsky]

On 7/26/2020 at 2:10 PM, Chippy365 said:

As an administrator of a fairly rowdy old school community I can tell you that such a tool would not help as much as you think.

1. IP Addresses can be avoided by going through a VPN (Or simply using their mobile phone network).
2. Cookies can be deleted and under GDPR users have to accept cookies being placed on their computer which gives the game away a little.

As I said, we have experience with such a tool from when we were using VB, and of course it doesn't work on all cases, but most people, even the technical ones, slip up at least once and forget to delete the cache or cookies, and then they pop up on the radar. 

Regarding IP vs cookies, ip is a complete no go. since here in Israel smartphone acceptance is extremely high (like 96% or something) and mobile data is very cheap and basically unlimited, pretty much 100% of our users log in from a mobile phone as well as a pc (if not exclusively). So IPs are all over the place. So the only viable option is a cookie (or some other method I'm not aware of). Since Israel isn't a part of the EU, we don't actually have to abide by the GDPR, but even when we will, I'm sure about how many people give that "we use cookies" message a second thought. 

I mean of course, I'd love a 100% fail proof system, but I'm not a complete moron (contrary to what my wife says) and I'm fully aware that any system, no matter how smart and sophisticated, can be circumvented. And until someone figures out something perfect, I'll take what I can get. 

[Chippy365]

9 minutes ago, Pavel Chernitsky said:

As I said, we have experience with such a tool from when we were using VB, and of course it doesn't work on all cases, but most people, even the technical ones, slip up at least once and forget to delete the cache or cookies, and then they pop up on the radar. 

Regarding IP vs cookies, ip is a complete no go. since here in Israel smartphone acceptance is extremely high (like 96% or something) and mobile data is very cheap and basically unlimited, pretty much 100% of our users log in from a mobile phone as well as a pc (if not exclusively). So IPs are all over the place. So the only viable option is a cookie (or some other method I'm not aware of). Since Israel isn't a part of the EU, we don't actually have to abide by the GDPR, but even when we will, I'm sure about how many people give that "we use cookies" message a second thought. 

I mean of course, I'd love a 100% fail proof system, but I'm not a complete moron (contrary to what my wife says) and I'm fully aware that any system, no matter how smart and sophisticated, can be circumvented. And until someone figures out something perfect, I'll take what I can get. 

To put on the record, I don't believe you're a moron at all.

Re: GDPR - If you are intending to cater for EU citizens in any capacity, then GDPR has to be followed. It's the reason why I doubt that Invision are going to spend any time developing a way to place cookies on a user device - as I imagine their core userbase are communities that do need to abide by GDPR.

I agree that IP addresses are a non-starter though. If you haven't already, take a look at the Mod CP and see if the tool there can assist. We use that tool in conjunction with requiring Admin CP approval - and if that is useful, you'd have a stronger argument in putting forward the case that such tools should be available from the AdminCP.

I do however think that if you are insistent on cookie-based checks, then you would be better off either developing something yourself or asking one of the mod developers to create something. Given that the vast majority of Invision's customers are targeting their community to include EU citizens, I very much doubt that Invision will develop a feature that allows GDPR to be effectively bypassed, whether by choice or not.

[CoffeeCake]

On 7/23/2020 at 9:08 PM, Aiwa said:

It’s a reasonable request, hence why there is a 3rd party app to meet this need. I agree that it is a niche need, though. There are likely tens of thousands of communities out there, not all of which visit the MP. THANK YOU FOR 4.5 ACP MP!! ... How many have purchased the 3rd party app up till now? Likely no more than a few hundred. IMO, those #’s qualify as niche. 

I've got to say that as a user of the third-party add-on available here, while appreciated, leaves much to be desired. There's absolutely room for improvement. Unfortunately, the UI is lacking terribly, making it cludgey to use and integrating poorly with other views that moderators and administrators have. While I use it due the absence of anything else, I don't think I'd recommend it to others on the basis of what's available to interact with and how all of the author's support requests are jammed into a single thread.

[Jordan Miller]

Love this idea. I ban someone and they pop up again a week later with a new account and continue to make the same mistakes (AKA verbal abuse)

[Black Zero]

Hello members

I have moved from VB to Invision. VB had a tool to find duplicate members which helped admin a lot. Which is not available here. Nowadays I have a problem that my site's premium data is being stolen by a member and sealed by a WhatsApp group and unfortunately I have no way to find it and if it is found somehow then when If he comes back with a new account, how can he be found? In that sense, the admin is a helpless administrator. I think it would be a good addition if it was a matter of imposing sanctions and one person having one account

[Ramsesx]

15 minutes ago, Guru Samrat said:

Which is not available here

 

[Black Zero]

3 minutes ago, Ramsesx said:

 

This plagins find after install new registration members ,but not check already registered members and data , and after ipb version update no guarantee compatible with new ipb version

[Pavel Chernitsky]

On 7/27/2020 at 5:57 PM, Chippy365 said:

To put on the record, I don't believe you're a moron at all.

You don't know me, I know me, and if I were you I wouldn't be so determined 😄 

On 7/27/2020 at 5:57 PM, Chippy365 said:

Re: GDPR - If you are intending to cater for EU citizens in any capacity, then GDPR has to be followed.

We don't, we have no intention of going international, but I see your point, it's definitely a good one against using cookies if it's for that purpose only. But doesn't IPS or Captcha or some of the other third party add-ons already use cookies? sounds weird that they wouldn't, but then again, I wouldn't know..

Guess they'll have to think of a cleavererer way to implement such a tool. 

[HDiddy]

Just adding to this topic we use multiple layers that seems to work well

We first use MAD

I find it works well and covers all options.  Plus it is being updated

 

Next we use

Most people whi are banned have their emails blocked requiring them to create a new one to register.  These new emails are usually disposable email accounts. This app lets us block the use of people registering with disposable accounts.

 

Other things we do.

1. We do not delete banned or spammer accounts. Once you delete it is harder to track if it is a dupe.

2. We do IP ban, not as effective but it is another layer