What's the most reliable way to detect if the user is logging in from a different device than usual?

Question

I suspect we're all familiar with how Facebook and Google and the like detect if you're using a different device than usual, I was wondering what the most reliable way to do this is?

I'm talking about the old 'It looks like you're signing in from a different device', and then when you confirm etc, it usually sends you an email and asks whether you want to trust this device or not.

Obviously one could just set a cookie, one that maybe gets checked and logged each visit, but what about when the user signs out? Do we keep the cookie?

Is there any other reliable method to 'trust' a 'device' other than setting cookies? Or is this the best/most reliable way to do it?

Recommended answer

The most reliable way to detect a device change is to create a fingerprint of the browser/device the browser is running on. This is a complex topic to get 100% right, and there are commercial offerings that are pretty darn good but not flawless. I worked at one of those companies several years ago.

There is now at least one open source fingerprinting project Client JS. I have not used it, but it seems to cover the bases.

Just setting a cookie is not very reliable because on average users clear cookies about every 30-45 days unless you use a network that attempts to re-set the cookie (paid services). Even those are not flawless.

Just using the IP address is useless. Some devices legitimately have many IPs in a short period of time (laptop at home, work and Starbucks or most any mobile device), while sometimes a single IP is shared by a large number of users (all the folks at Starbucks or behind a corporate proxy server).

Update

Thoughts on your similar hash code.

It is a complex topic to get right. I had a small team for a few years. We got pretty darn good, but you can never be 100% accurate even when people are not intentionally trying to trick you.

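  • If the CPU changes, it is probably a different device.
  • There can be many user agents on the same physical device. Each browser on the device has a different user agent, and a browser's privacy mode has a different user agent with far less entropy.
  • Fonts do not change quickly for a given physical device, although they are not a significant source of entropy on mobile devices (few fonts are installed, and they are usually the same for a given type of device).
  • The OS is usually stable, until it suddenly changes. Does it matter to you if every device appears to be a new device when it updates to Windows 10?
  • Color depth will be very stable. It might change if the user installs a new graphics card. Does that matter to you?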

If you can accept thinking some devices are new when in fact they are the same and vice-versa, this type of similarity hash may work for you. Note that you can never use this type of fingerprint to uniquely identify a device for a purpose that requires positive identification such as access to secure data. It's great for making probabilistic decisions such as serving an appropriate ad.
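
As an added example (not part of the original answer, and not code from ClientJS), here is one way to turn the attributes listed in the update into a similarity score that tolerates small changes such as a browser or OS update. The attribute names, the weights and the 0.8 threshold are assumptions chosen for illustration, and the sample fingerprints are constructed.

```javascript
// Added example: attribute names, weights and threshold are assumptions.
const WEIGHTS = { cpu: 0.3, os: 0.15, colorDepth: 0.1, fonts: 0.25, userAgent: 0.2 };

// Jaccard overlap of two token lists: 1 = identical sets, 0 = disjoint.
function jaccard(a, b) {
  const A = new Set(a), B = new Set(b);
  if (A.size === 0 && B.size === 0) return 1;
  let shared = 0;
  for (const x of A) if (B.has(x)) shared++;
  return shared / (A.size + B.size - shared);
}

// Split a user agent into comparable tokens so a version bump changes one token.
const tokens = (ua) => ua.toLowerCase().split(/[^a-z0-9.]+/).filter(Boolean);

// Weighted similarity in [0, 1] between a stored and a current fingerprint.
function similarity(stored, current) {
  const parts = {
    cpu: stored.cpu === current.cpu ? 1 : 0,
    os: stored.os === current.os ? 1 : 0,
    colorDepth: stored.colorDepth === current.colorDepth ? 1 : 0,
    fonts: jaccard(stored.fonts, current.fonts),
    userAgent: jaccard(tokens(stored.userAgent), tokens(current.userAgent)),
  };
  return Object.keys(WEIGHTS).reduce((sum, k) => sum + WEIGHTS[k] * parts[k], 0);
}

// Decide whether to show the "new device" confirmation. A match only
// suppresses the prompt; it never replaces authentication.
function classifyLogin(knownDevices, current, threshold = 0.8) {
  const best = knownDevices.reduce((m, d) => Math.max(m, similarity(d, current)), 0);
  const action = best >= threshold ? "recognized" : "confirm_by_email";
  return { score: Number(best.toFixed(3)), action };
}

// Constructed sample fingerprints.
const laptop = { cpu: "x86_64", os: "Windows 10", colorDepth: 24,
  fonts: ["Arial", "Calibri", "Consolas", "Segoe UI"],
  userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0 Safari/537.36" };
const afterBrowserUpdate = { ...laptop, fonts: [...laptop.fonts, "Fira Code"],
  userAgent: laptop.userAgent.replace("120.0", "121.0") };
const phone = { cpu: "arm64", os: "Android 14", colorDepth: 24, fonts: ["Roboto"],
  userAgent: "Mozilla/5.0 (Linux; Android 14) Chrome/120.0 Mobile Safari/537.36" };
```

The score is a probabilistic signal for deciding when to send the confirmation email, in line with the answer's caveat that such a fingerprint cannot positively identify a device.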
