authenticationcookiesip-addressvoting-system

Limiting an action to once per guest user (without log in)


To aid engagement, it would be preferable to allow users who are not logged in to a website to vote on a topic. Obviously this should be limited to one vote per user per topic. I am well aware that the ideal solution would in fact be to force users to log in or create an account, but (partly as a challenge) I would like to avoid this.

My research so far has pointed to some combination of the following:

What have I missed? I'm aware that this isn't ideal, but is there any kind of protocol for this?


Solution

  • Without authentication, there is no way to do that in a way that would rule out bots.

    But I believe there is a middle ground that could work.

    Since they will be anonymous votes, try to come up the two numbers below:

    AND

    And if any of those rates are met, you just inform the user that the limit of anonymous votes per minute was reached and they have to wait a bit or register.

    That way you still get engagement from those users without worrying too much with bots.