这些人开发了一种指纹识别方法，可以非常准确地识别用户:

https://panopticlick.eff.org/static/browser-uniqueness.pdf

We investigate the degree to which modern web browsers are subject to “device fingerprinting” via the version and configuration information that they will transmit to websites upon request. We implemented one possible fingerprinting algorithm, and collected these fingerprints from a large sample of browsers that visited our test side, panopticlick.eff.org. We observe that the distribution of our finger- print contains at least 18.1 bits of entropy, meaning that if we pick a browser at random, at best we expect that only one in 286,777 other browsers will share its fingerprint. Among browsers that support Flash or Java, the situation is worse, with the average browser carrying at least 18.8 bits of identifying information. 94.2% of browsers with Flash or Java were unique in our sample.

通过观察回访用户，我们估计浏览器指纹随时间变化的速度。在我们的样本中，指纹变化很大 很快，但即使是一个简单的启发式通常也能猜出指纹是先前观察到的浏览器的“升级”版本 指纹，99.1%的猜测正确率和假阳性率只有 0.86%。

We discuss what privacy threat browser fingerprinting poses in practice, and what countermeasures may be appropriate to prevent it. There is a tradeoff between protection against fingerprintability and certain kinds of debuggability, which in current browsers is weighted heavily against privacy. Paradoxically, anti-fingerprinting privacy technologies can be self- defeating if they are not used by a sufficient number of people; we show that some privacy measures currently fall victim to this paradox, but others do not.

我猜结论是我不能通过编程唯一地识别一台正在访问我的网站的计算机。

I have the following question. When i use a machine which has never visited my online banking web site i get asked for additional authentification. then, if i go back a second time to the online banking site i dont get asked the additional authentification. reading the answers to my question i decided it must be a cookie involved. therefore, i deleted all cookies in IE and relogged onto my online banking site fully expecting to be asked the authentification questions again. to my surprise i was not asked. doesnt this lead one to believe the bank is doing some kind of pc tagging which doesnt involve cookies?

此外，今天在谷歌搜索了很多之后，我发现了以下公司，他们声称出售一种解决方案，可以唯一地识别访问网站的机器。http://www.the41.com/products.asp。

我很感激所有好的信息，如果你能进一步澄清这些相互矛盾的信息，我将非常感激。

The suggestions to use cookies aside, the only comprehensive set of identifying attributes available to interrogate are contained in the HTTP request header. So it is possible to use some subset of these to create a pseudo-unique identifier for a user agent (i.e., browser). Further, most of this information is possibly already being logged in the so-called "access log" of your web server software by default and, if not, can be easily configured to do so. Then, a utlity could be developed that simply scans the content of this log, creating fingerprints of each request comprised of, say, the IP address and User Agent string, etc. The more data available, even including the contents of specific cookies, adds to the quality of the uniqueness of this fingerprint. Though, as many others have stated already, the HTTP protocol doesn't make this 100% foolproof - at best it can only be a fairly good indicator.

您可以使用fingerprintjs2

new Fingerprint2().get(function(result, components) {
  console.log(result) // a hash, representing your device fingerprint
  console.log(components) // an array of FP components
  //submit hash and JSON object to the server 
})

在此之后，您可以根据现有用户检查所有用户并检查JSON相似性，因此即使他们的指纹发生了突变，您仍然可以跟踪他们

你可能想尝试在evercookie中设置一个唯一的ID(它可以跨浏览器工作，见他们的常见问题): http://samy.pl/evercookie/

还有一家叫做ThreatMetrix的公司，被很多大公司用来解决这个问题: http://threatmetrix.com/our-solutions/solutions-by-product/trustdefender-id/ 它们相当昂贵，而且他们的其他一些产品也不太好，但他们的设备id运行良好。

最后，还有这个开源jquery实现的panopticlick的想法: https://github.com/carlo/jquery-browser-fingerprint 它现在看起来很不成熟，但可以扩展。

希望能有所帮助!

假设您不希望用户拥有控制权，那么您就不能这样做。网络并不是这样工作的，你能期望的最好的是一些启发式。

如果你可以强迫访问者安装一些软件并使用TCPA，你可能会成功。