I have a game web site that is more or less one big giant “members area” with your typical authentication. We have several thousand users.
It’s our policy that there is a limit of one account per person. However… I am finding that it is increasingly difficult to track users that do not have static ip addresses. How would you approach this issue of tracking multiple accounts when non-static IP addresses in the loop?
As an extra note, we do log the users IP (and store it forever) when they register… and the IP of their LAST LOGIN (not entire IP login history, though).
That’s a tricky issue that even mature web sites have problems dealing with. What you need is a way to store unique info about the person, such as their credit card number, or a confirmed postal address, or other such means, but truthfully such solutions only provide a weak guarantee.