I'm building a webapp, and I could use a solution that allows me to uniquely identify the users puter.
The reason for this is, that once the user is logged into to the application he/she can start several sessions (which is stored in mySQL) related to the app - however, the sessions should only be available from the puter in which the session was initiated.
I cannot use cookies, since the application should allow users to close the browser, restart the puter etc etc., without any risk of loosing the users session.
At first I thought I would be possible to get something like a motherboard serial. Naaah, not going to happen.
Then I thought of generating an MD5 hash based on users remote address + MAC address, until I found out that this is only possible using older versions of IE with ActiveX.
Then I came to think if all Chrome installations have some sort of unique browser ID I could use? ... Haven't been able to find anything helpful.
Any great ideas on how to generate an unique string based on the users puter?
I'm building a webapp, and I could use a solution that allows me to uniquely identify the users puter.
The reason for this is, that once the user is logged into to the application he/she can start several sessions (which is stored in mySQL) related to the app - however, the sessions should only be available from the puter in which the session was initiated.
I cannot use cookies, since the application should allow users to close the browser, restart the puter etc etc., without any risk of loosing the users session.
At first I thought I would be possible to get something like a motherboard serial. Naaah, not going to happen.
Then I thought of generating an MD5 hash based on users remote address + MAC address, until I found out that this is only possible using older versions of IE with ActiveX.
Then I came to think if all Chrome installations have some sort of unique browser ID I could use? ... Haven't been able to find anything helpful.
Any great ideas on how to generate an unique string based on the users puter?
Share Improve this question edited Nov 13, 2012 at 7:46 CyberDude 8,9795 gold badges32 silver badges51 bronze badges asked Nov 13, 2012 at 7:42 EibergDKEibergDK 5641 gold badge8 silver badges19 bronze badges 3- possible duplicate of How to uniquely identify a puter? – Quentin Commented Nov 13, 2012 at 7:45
- @Quentin, Don't know why people won't use username + password to indent users...? – gdoron Commented Nov 13, 2012 at 8:08
- Please read full post... "The reason for this is, that _____once the user is logged into to the application he/she can start several sessions____" – EibergDK Commented Nov 13, 2012 at 8:25
2 Answers
Reset to default 9You'll have to relax your constraints : even by using the browser digital print, you won't be able to have a guaranteed not changed and not lost UID.
My usual solution, which works very well but with no guarantee, is to send from the server to the browser an UID and to store it in localstorage. Note that a puter savvy user can remove it or change it. But if the user isn't your foe, this works well.
The reasons to prefer localstorage over cookies are :
- no expiration
- no tools to "clean" them, as they were origin-bound from the start and thus haven't the privacy-breach reputation of cookies
- of course the cleaner and saner interface for javascript applications
I cannot use cookies, since the application should allow users to close the browser, restart the puter etc etc., without any risk of loosing the users session.
Cookies are not lost when the pute restart. You can use cookies.