Implementing a voting system without requiring registration

Question

I\'d like to implement a voting system on my site, without having to force them to create an account. They would ultimately be voting up/down a piece of content which has a

Answer 1

You could allow them to login using OpenId, this would allow them to use an existing account to vote and they wouldnt have to create a new account.

Google and Yahoo and others have services to allow you to authenticate users.

If you dont authenticate users in some way, the voting system would me open to abuse.

Answer 2

The IP + user agent is a lot more unique than IP; not sure whether it's adequate for your purposes. If you send them a cookie, it will get returned by that computer (if they're using the same browser) as long as the cookie stays around, regardless of IP, but note that the user can get rid of the cookie whenever they want.

If you're concerned at all about using this system to prevent vote fraud, I do not believe you are not going to be able to get around making them have an account.

Answer 3

I'm thinking the same problem right now. my possible approaches will be as follows:

• (A) you can accept votes from those people who were in your site (using SESSIONS) for at least 15 minutes (it can be approximate time for a user to read an article in a blog/site). when they vote, the timer will reset for the next vote. so this way, there is no use deleting the cookies anymore for users.

• (B) you can accept votes from unregistered people and taking their email address and sending them a verification link to their vote. when they click the verification link in their email box, then you can actually count the vote. it's like voting per email address.

• (C) combination of (A) and (B). this way you can be sure you will be sending verification links only every 15 minutes to a single user which will not be a lot :)

Answer 4

You could identify users based on more than just their IP. For example you could include the IP + the entire request header information (such as Browser, Version Numbers, Capabilities) and hash that. That will more or less uniquely identify your user (not 100% though, unfortunately.)

Answer 5

Yes, you could use a cookie and set the expiration very far into the future; however, there is nothing stopping anyone from clearing their cache and voting again.

Your best bet, is to use the cookie and don't allow votes from the same IP within 15 minutes of each other... without registration thats the best you can do.

Answer 6

I know this is old, but just came here and had an idea..

What about something like https://panopticlick.eff.org ? Yet another thing one could throw in ..

(If this ever goes offline: This is a cumulative fingerprint made of the usual stuff plus + Browser Plugin Details + Time Zone + Screen Size and Color Depth + System Fonts + supercookies )