All Questions

Coding

What is the best way to identify unique website users (without accounts) to make something similar like https://50hacks.co/ from Marc Lou ?

Hi. I’m planning to make upvote app too, but little different. But also without accounts, so users don’t have to register to upvote.

What about sessions? Is this the right way?

author Dobroslav Radosavljevič

Reply
14 Answers

You can use sessions, yes. Although when you want to make sure the user can be identified over multiple days you might have to consider another solution. Sessions basically consist of a dataset on your server combined with a cookie in the user’s browser. And they can delete those cookies, of course.

writen by Benedikt

Sessions + taking advantage of Local Storage

writen by Pere Ayats

I think Marc did using IP address and device/browser fingerprinting. Not 100% sure tho. 🤔

writen by Suvojit Manna

Thanks all guys. So sessions + IP address combination is good, right?

writen by Dobroslav Radosavljevič

Most unique is fingerprinting

writen by Benedikt

If you used IP I would suggest combining it with the user agent

writen by Benedikt

for 50 Hacks I identify voters with ip 1 ip = 1 vote/hack Also, I keep track in the localStorage of the votes so 1 non-techy can’t click the voting button multiple times

Does it go against the GDPR? Dobroslav Radosavljevič & I are wondering

writen by Marc Lou

It’s not against GDPR if you use it for security reasons (what you kind of do). In this case it’s (imho) kind of gray because you could also use it for tracking/identification if not anonymized. In any case you have to explain the usage on you data protection page.

writen by Benedikt

What about browser fingerprint? User Agent, etc.

writen by Dobroslav Radosavljevič

User agent (afaik) is ok, in combination with IP as well if used for security/technical reasons. Fingerprinting should need consent since this is very much a tracking approach. Although it might also be ok for security reasons.

writen by Benedikt

https://www.npmjs.com/package/@fingerprintjs/fingerprintjs Well I found this…If you just generate hash, send it to server, save to db and then identify browser with that hash when he visit website or do some action…That might be ok, or not?

writen by Dobroslav Radosavljevič

It might be. Although since the fingerprint hash would be the same for each browser this is basically even more private info than with IP addresses. And you could even track users with that hash across different apps. If the hash doesn’t include app information that is.

writen by Benedikt

That’s nice

writen by Dobroslav Radosavljevič

Thanks you for your insights Benedikt You helped me a lot!

writen by Dobroslav Radosavljevič

Do you want to ask a question?


Related Questions