I want users to be remembered on my site but I don't have any kind of signup. I want user to choose a username when he es to the website for the first time and then for every other request from that user I want to remember the username. I tried this-

As a user can't signup using Facebook or email or anything else, I was not able to find a way to remember user. So, I mapped the user's username with his IP Address and saved it to the database. So, subsequent requests from that IP Address would tell me 'which user it is'. But then I came to know that IP Address can change when you reset your modem/connection. And for static IP Address you have to pay your ISP. Then, I am quite sure that most of the users have dynamic IP Addresses.

So, is there a way to do this? I know about cookies and sessions but I don't think that's the best way. May be I am wrong. I just want to know how big players in the world tackle this type of problem. Or maybe, what better solutions are out there to do this? Please give me directions.

Added:

As based on an answer, if I do it on basis of cookies, won't that delete user history when the cookies are removed from the browser? And if the user login in from same PC using different browsers, won't he be asked username multiple times?

I want users to be remembered on my site but I don't have any kind of signup. I want user to choose a username when he es to the website for the first time and then for every other request from that user I want to remember the username. I tried this-

As a user can't signup using Facebook or email or anything else, I was not able to find a way to remember user. So, I mapped the user's username with his IP Address and saved it to the database. So, subsequent requests from that IP Address would tell me 'which user it is'. But then I came to know that IP Address can change when you reset your modem/connection. And for static IP Address you have to pay your ISP. Then, I am quite sure that most of the users have dynamic IP Addresses.

So, is there a way to do this? I know about cookies and sessions but I don't think that's the best way. May be I am wrong. I just want to know how big players in the world tackle this type of problem. Or maybe, what better solutions are out there to do this? Please give me directions.

Added:

As based on an answer, if I do it on basis of cookies, won't that delete user history when the cookies are removed from the browser? And if the user login in from same PC using different browsers, won't he be asked username multiple times?

• javascript
• php
• html
• web
• session-cookies

Share Improve this question Follow edited Mar 11, 2014 at 6:02 Martin Thoma 137k173173 gold badges679679 silver badges1k1k bronze badges asked Mar 11, 2014 at 5:47 halkujabrahalkujabra 2,94244 gold badges2727 silver badges3838 bronze badges 6

• use cookies or session, that will acplish your job – Dimag Kharab Commented Mar 11, 2014 at 5:51
• So you don't want to use OAuth, cookies, or even IPs. Have you considered using Data Storage? Or maybe even Flash Cookies, as they separate from the browser and require an extra step to remove. – Dave Chen Commented Mar 11, 2014 at 5:57
• Cookies and localStorage will be lost when the user clears personal data or changes browser. The only throughout solution I know to "remember" user is registration - you can use OAuth to facilitate registration (e.g. creating account without having to fill a form). – Fabrício Matté Commented Mar 11, 2014 at 5:57
• @DaveChen I think the only solution left is to get an email. – halkujabra Commented Mar 11, 2014 at 6:04
• Forgive me for being forward about this, but it's honestly just two text fields, username & password, if your users can't type into two text fields, then maybe they don't value their participation as a user on your site. A website should make their users want to register on it. – Dave Chen Commented Mar 11, 2014 at 6:07

 |  Show 1 more ment

2 Answers 2

Sorted by: Reset to default 4

Don't rely on IP addresses. Use an infinite cookie. In jQuery you can set a cookie to expire as follows (showing 20 years expiration - that should be enough!):

$.cookie('my_cookie', 'my_value', { expires: 365 * 20 });

If you're worried about the user clearing cookies, another interesting approach is to ask for an email address (just email, no password). Then you can email that user a link back to your site with an access token appended to the URL which authenticates that user - and store it again in an infinite cookie. This way, you always have a way of authenticating a user without requiring formal sign up.

EDIT: Reading your question again it looks like you're trying to remember a user's account based solely on what the user tells you his username is. This is not a secure approach and also will result in lost accounts. You're going to need to save something on the server, whether a unique token, password, or email address.

If you are not using any kind of login, there is no concrete way to remember the visiting user, here is why :

Cookies : i clear my cache, or use different browser to access the site, then, cookie logic would fail ( cookies are also browser specific )

Session : Browser is closed for sufficient time and session might get destroyed

IP : change of machine / location / modem( on same machine as last time ) will change the IP

One simple work around for this problem is to use open-id for login, this way, u wont have to worry about the credentials and this will offer a secure way to.

Check this thread on how to use open-id to embedd to a site : How to add Social login services from Google, Facebook, Yahoo etc. to my website?