Accountless User Identification

AccountlessUserIdentification is related to IpEditing. The relation is, that AccountlessUserIdentification relies on and required IP-editing, and a system that supports accounts may also support IP-editing. Example: WikiIndex supports both, encourages RealNames for accounts and protects only few hight-importance pages from IP-editing.

A solution to the required login for EditsRequireKarma and WikiNeedsTrustMetrics.

I don't think that a login or account is required to make trust metrics work. A three-level procedure for assigning trust to parties would accommodate passers-by and temporary users as well as regulars:

In each case, the server keeps track of how much trust/karma is awarded each party.

Of course, passers-by are grouped by IP and IPs may change, but this behaviour is acceptable for a one-time visitor.

-- GunnarZarncke


PersonalWatchListImplementation has a section along these same lines, but argues for a cookies-only approach.

Thanks, I didn't know that page. I think, I will refactor that to refer to this page.

I don't think the system proposed on this page is superior. This page uses IP addresses, cookies, and user accounts to accomplish the same thing as PersonalWatchListImplementation achieves with just cookies.

It is superior in its simplicity, yes. But what do you do if the visitor has disabled cookies? May he edit nothing? And the proposed solution for transferring the cookie is also sub-optimal being only for experienced cookie-users. But I won't dispute that one might improve them enough to avoid accounts altogether. -- .gz

In PersonalWatchList, it's not a big deal if the user has cookies disabled - he can still edit pages, just not update his watch list.

Of course.

If I may interject, it is well known that some users post from the same IP address. And other users post from two IP addresses. The solution will work only for users who are willing to cooperate, which is SoftSecurity, which will not do much to alleviate the problems with SoftSecurity failures.

There is some value in trying to accommodate people who have cookies disabled, but I don't think we should be bending over backwards for them. Anyone who has cookies normally disabled is well aware of the limitations they are placing on themself. If a cookie is lost in PersonalWatchList, the user is inconvenienced due to his own choice, but the system is not compromised. In EditsRequireKarma, it's not clear if the system would be compromised. Suppose I "log in" with a cookie, do something bad that will lower my karma, and then delete my cookies and rinse and repeat. The only way to stop that is to have something stronger than cookies, or start new accounts with such a small amount of karma that they can't even post. But then there would need to be a way for them to grow karma without posting.

See also:


EditText of this page (last edited October 11, 2014) or FindPage with title or text search