Cookies fall short just the same as sessions. you’re asking the user to pinkie promise they won’t clear their cookies / modify them.
An account seems the most logical. You need to avoid duplicates ; it’s not really about privacy here. You’ll only make a tradeoff between accomplishing no duplicates and letting users do what they want.
Cookies fall short just the same as sessions. you’re asking the user to pinkie promise they won’t clear their cookies / modify them.
An account seems the most logical. You need to avoid duplicates ; it’s not really about privacy here. You’ll only make a tradeoff between accomplishing no duplicates and letting users do what they want.