我觉得饼干可能就是你要找的东西;这是大多数网站唯一识别访问者的方式。

与前面的解决方案一样，cookie是一个很好的方法，但要注意它们可以识别浏览器。如果我先用火狐浏览器访问一个网站，然后再用ie浏览器访问，两次访问都会分别存储cookie。一些用户也禁用cookie(但更多的人禁用JavaScript)。

另一种需要考虑的方法是IP和主机名标识(请注意，对于拨号/非静态IP用户，这些可能有所不同，AOL也使用通用IP)。然而，由于这只识别网络，这可能不像cookie那样工作。

假设您不希望用户拥有控制权，那么您就不能这样做。网络并不是这样工作的，你能期望的最好的是一些启发式。

如果你可以强迫访问者安装一些软件并使用TCPA，你可能会成功。

通过HTTP连接只能获得少量信息。

IP - But as others have said, this is not fixed for many, if not most Internet users due to their ISP's dynamic allocation policies. Useragent String - Nearly all browsers send what kind of browser they are with every request. However, this can be set by the user in many browsers today. Collection of request fields - There are other fields sent with each request, such as supported encodings, etc. These, if used in the aggregate can help to ID a user's machine, but again are browser dependent and can be changed. Cookies - Setting a cookie is another way to identify a machine, or more specifically a browser on a machine, but as others have said, these can be deleted, or turned off by the users, and are only applicable on a browser, not a machine.

So, the correct response is that you cannot achieve what you would live via the HTTP over IP protocols alone. However, using a combination of cookies, as well as IP, and the fields in the HTTP request, you have a good chance at guessing, sort of, what machine it is. Users tend to use only one browser, and often from one machine, so this may be fairly relieable, but this will vary depending on the audience...techies are more likely to mess with this stuff, and use more machines/browsers. Additionally, this could even be coupled with some attempt to geo-locate the IP, and use that data as well. But in any case, there is no solution that will be correct all of the time.

这些人开发了一种指纹识别方法，可以非常准确地识别用户:

https://panopticlick.eff.org/static/browser-uniqueness.pdf

We investigate the degree to which modern web browsers are subject to “device fingerprinting” via the version and configuration information that they will transmit to websites upon request. We implemented one possible fingerprinting algorithm, and collected these fingerprints from a large sample of browsers that visited our test side, panopticlick.eff.org. We observe that the distribution of our finger- print contains at least 18.1 bits of entropy, meaning that if we pick a browser at random, at best we expect that only one in 286,777 other browsers will share its fingerprint. Among browsers that support Flash or Java, the situation is worse, with the average browser carrying at least 18.8 bits of identifying information. 94.2% of browsers with Flash or Java were unique in our sample.

通过观察回访用户，我们估计浏览器指纹随时间变化的速度。在我们的样本中，指纹变化很大 很快，但即使是一个简单的启发式通常也能猜出指纹是先前观察到的浏览器的“升级”版本 指纹，99.1%的猜测正确率和假阳性率只有 0.86%。

We discuss what privacy threat browser fingerprinting poses in practice, and what countermeasures may be appropriate to prevent it. There is a tradeoff between protection against fingerprintability and certain kinds of debuggability, which in current browsers is weighted heavily against privacy. Paradoxically, anti-fingerprinting privacy technologies can be self- defeating if they are not used by a sufficient number of people; we show that some privacy measures currently fall victim to this paradox, but others do not.

我将使用cookie和flash cookie的组合来做到这一点。创建一个GUID并将其存储在一个cookie中。如果cookie不存在，请尝试从flash cookie中读取它。如果仍未找到，则创建它并将其写入flash cookie。通过这种方式，您可以跨浏览器共享相同的GUID。