1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Duplicate account detector?

Discussion in 'XenForo Questions and Support' started by Ingenious, Oct 21, 2012.

  1. Ingenious

    Ingenious Well-Known Member

    I'm looking for a plugin that detects duplicate accounts (ie. by use of IP and cookies). I could have sworn there was one for Xenforo but I can't for the life of me find it in resources.

    I used to have one running on vB and it was quite handy. I know it's not 100% effective but does throw up the odd member trying to do naughty things.

    Can anyone help please?
  2. HWS

    HWS Well-Known Member

  3. Ingenious

    Ingenious Well-Known Member

    Really appreciate that HWS, thanks and installed :)
  4. Bram

    Bram Well-Known Member

    The original creator said he stopped supporting the mod but allows others to continue the development for newer xenforo versions. Has somebody taken up this development challenge?
    Mouth likes this.
  5. HWS

    HWS Well-Known Member

    There is no need for support. It works with 1.1.3. This is the last version of XenForo.
    Evina likes this.
  6. Mouth

    Mouth Well-Known Member

    True, but it would be terrific to see a developer add this to their portfolio and extend it's functionality.
  7. MOZ

    MOZ Well-Known Member

    Extend in what way?
  8. Bram

    Bram Well-Known Member

    So far it indeed works good but wasn't it the original dev himself said that some bugs needed to be ironed out?
  9. MOZ

    MOZ Well-Known Member

    I'll take this up and rerelease this in the RM. Initially I'll look to iron out any current bugs and then move on to adding any new features.
    Anthony Parsons, Alfa1 and Mouth like this.
  10. Alfa1

    Alfa1 Well-Known Member

    There are several ways to detect multiple accounts:
    1. IP addresses including IPv6, IPs used at browsing and posting
    2. cookies
    3. evercookie for banned users
    4. browser fingerprinting
    5. mac address through javascript
    An IP address detection alone is not enough to be certain that the accounts are operated by the same user. There are other factors that a script can consider:
    1. similar usernames
    2. similar email address
    3. similar username of one account as the email address in another account
    4. similar DoB
    5. similar user profile fields
    6. same email domain
    7. similar contact details
    8. posts in same forums
    9. visits or posts to the same threads
    10. accounts give likes to each other
    11. accounts do not have conversations with each other
    12. one or more accounts have warnings / bans
    13. IP address is dedicated or not.
    14. Email address is active or not (if the site requires active email to post)
    The outcome of the above calculation allows a script to define users that have a very high probability to be duplicate accounts.

    When a duplicate account is found there are various actions that can be taken:
    1. alert staff
    2. merge accounts
    3. send warning
    4. ban accounts
    5. make account discouraged user
    6. disallow registration
    7. ban IP
    8. ban browser fingerprint
    9. give evercookie
    10. remove likes traded between the accounts
    11. assign the report to a moderator
    12. ignore the report
    13. ignore reports about the user forever
    Or any combination of the above. We should be able to define how duplicate accounts are handled for various types of users.
    Mind that there is a significant difference between a malicious duplicate account and a genuine user with a duplicate account.

    With the vbulletin MAD addon the process was inaccurate and very labor intensive. Staff needed to review all reports, review accounts, contact users, warn, merge, close the report. I have many thousands of reports on my site, so thats an insane amount of work.

    With the above functions its possible to automate the whole process.

    I would love to see a complete solution for multiple accounts.
    Renegade, Mouth and Ingenious like this.
  11. RobParker

    RobParker Well-Known Member

    The VB one occasionally got it wrong as well and gave false positives.
  12. Anthony Parsons

    Anthony Parsons Well-Known Member

    I would prefer automatic management is optional... as nothing beats a pair of eyes looking over things, or a simple PC to the users asking some questions to ascertain whether they're the same user or not.
    RobParker likes this.
  13. Alfa1

    Alfa1 Well-Known Member

    Yes, you are right. There will always be instances where human eyes are necessary. Also for smaller boards its probably best to handle everything manually. For big boards its simply not possible and it would be optimal to automate all the obvious cases.

    I will adapt the list above, so that it includes assigning a report to a moderator.
    Anthony Parsons likes this.
  14. Mouth

    Mouth Well-Known Member

    The existing add-on already provides such functionality.
    Anthony Parsons likes this.

Share This Page