因为我想解决方案工作在所有机器和所有浏览器(在合理的范围内)，我试图使用javascript创建一个解决方案。

这难道不是一个不使用javascript的好理由吗?

正如其他人所说，饼干可能是你最好的选择，但要知道它的局限性。

我猜结论是我不能通过编程唯一地识别一台正在访问我的网站的计算机。

I have the following question. When i use a machine which has never visited my online banking web site i get asked for additional authentification. then, if i go back a second time to the online banking site i dont get asked the additional authentification. reading the answers to my question i decided it must be a cookie involved. therefore, i deleted all cookies in IE and relogged onto my online banking site fully expecting to be asked the authentification questions again. to my surprise i was not asked. doesnt this lead one to believe the bank is doing some kind of pc tagging which doesnt involve cookies?

此外，今天在谷歌搜索了很多之后，我发现了以下公司，他们声称出售一种解决方案，可以唯一地识别访问网站的机器。http://www.the41.com/products.asp。

我很感激所有好的信息，如果你能进一步澄清这些相互矛盾的信息，我将非常感激。

通过HTTP连接只能获得少量信息。

IP - But as others have said, this is not fixed for many, if not most Internet users due to their ISP's dynamic allocation policies. Useragent String - Nearly all browsers send what kind of browser they are with every request. However, this can be set by the user in many browsers today. Collection of request fields - There are other fields sent with each request, such as supported encodings, etc. These, if used in the aggregate can help to ID a user's machine, but again are browser dependent and can be changed. Cookies - Setting a cookie is another way to identify a machine, or more specifically a browser on a machine, but as others have said, these can be deleted, or turned off by the users, and are only applicable on a browser, not a machine.

So, the correct response is that you cannot achieve what you would live via the HTTP over IP protocols alone. However, using a combination of cookies, as well as IP, and the fields in the HTTP request, you have a good chance at guessing, sort of, what machine it is. Users tend to use only one browser, and often from one machine, so this may be fairly relieable, but this will vary depending on the audience...techies are more likely to mess with this stuff, and use more machines/browsers. Additionally, this could even be coupled with some attempt to geo-locate the IP, and use that data as well. But in any case, there is no solution that will be correct all of the time.

假设您不希望用户拥有控制权，那么您就不能这样做。网络并不是这样工作的，你能期望的最好的是一些启发式。

如果你可以强迫访问者安装一些软件并使用TCPA，你可能会成功。

我的文章可能不是一个解决方案，但我可以提供一个例子，这个功能已经实现。

如果你第一次在电脑上访问www.supertorrents.org的注册页面，没问题。但如果您刷新页面或再次打开页面，它会识别出您之前访问过该页面。真正的美妙之处在于——即使你重新安装Windows或其他操作系统，它也能识别出来。

我在某处读到，他们存储CPU ID。虽然我不知道他们是怎么做到的，但我非常怀疑，他们可能使用MAC地址来做到这一点。

如果我知道怎么做，我一定会分享的。

我将使用cookie和flash cookie的组合来做到这一点。创建一个GUID并将其存储在一个cookie中。如果cookie不存在，请尝试从flash cookie中读取它。如果仍未找到，则创建它并将其写入flash cookie。通过这种方式，您可以跨浏览器共享相同的GUID。