Using cookies to verify visitors
Results 1 to 3 of 3

Thread: Using cookies to verify visitors

  1. #1
    Junior Member
    Join Date
    Mar 2003
    Posts
    1

    Using cookies to verify visitors

    I"ve been playing a game on-line which requires a password, cookies and javascript in order to play. The problem we have had here is that some players have created multi-accounts to cheat. The admin claims he deletes any multi-accounts, and any accounts with same IP. He also assures us he uses the other info from the cookies to check out any users we feel are cheats in case they use a proxy to change IP. At his request I have from time to time checked him by creating other accounts using not only anonymous proxies, and logging in as a different user on my pc, but by changing my screen resolution etc.. to throw him off. He constantly is able to detect them and delete them.
    The problem is there are several accounts that I know for sure are multi-accounts, yet they don't seem to get deleted.
    My question is could these other accounts actually have a way of fooling his verification(and if so how can I prove it to him) or is he merely deleting only the accounts he chooses to, thereby favoring one side?

  2. #2
    Junior Member
    Join Date
    Mar 2003
    Posts
    3
    How about simply having 2 or more different computers on seperate ip addresses? This could be especially easy on dial-ups that don't monitor a single account holder logging into 2 or more modems in their bank, remotely accessing another computer, etc... This way they would be using seperate ip address, seperate cookies, seperate monitors, seperate everything, yet be the same person.
    Then they came for the Catholics and I didn\'t speak up because I was a Protestant. Then they came for me--and by that time no one was left to speak up.
    -- Martin Niemöller 1892-1984

  3. #3
    AO Antique pwaring's Avatar
    Join Date
    Aug 2001
    Posts
    1,409
    It's also not necessarily a good idea to ban multiple accounts from the same IP address. Many institutions (particulary those in educational sectors) have a gateway/proxy to the internet with a single IP address. Each request over HTTP is forwarded by the proxy, so the site that someone is visiting will only see the one main IP address, rather than the ones used for internal network purposes. Stop multiple accounts from the same IP address and you effectively limit such places to only one person being allowed to sign up for the service.
    Paul Waring - Web site design and development.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •