Jump to content
Sign in to follow this  
four_twenty

Email voting verification

Recommended Posts

Please fix the email verification voting. It claims that I will only have to do it once, but I have to verify my email every time I want to vote for the server I am playing and it is getting rather annoying.

If its browser cookie based, fix it to run off network card MAC address or something else. I haven't tested if its cookie based but you can't expect people to not clear their cache.

Share this post


Link to post
Share on other sites

Hi, thanks for the report. Please consider that this is exactly what cookies are for. Next to being impossible to fetch lower level information like a MAC address through a web browser there are also legal implications if it were possible. You should really only clear your browser cache for technical reasons.

I assume that you keep getting the email verification because you keep clearing your browser cache? If not, we will investigate your issue further.

Share this post


Link to post
Share on other sites
16 minutes ago, Arix said:

Hi, thanks for the report. Please consider that this is exactly what cookies are for. Next to being impossible to fetch lower level information like a MAC address through a web browser there are also legal implications if it were possible. You should really only clear your browser cache for technical reasons.

I assume that you keep getting the email verification because you keep clearing your browser cache? If not, we will investigate your issue further.

There are MANY other reasons to clear browser cache, especially when not using your own secured machine. If you guys can't manage to figure it out, I know I will not be the only one who will completely be discouraged from voting.

Maybe once an email has been verified, once i type it again have it accept the request instead of sending the email again. You could even go as far as an ip address and email double match.

Share this post


Link to post
Share on other sites
7 hours ago, four_twenty said:

There are MANY other reasons to clear browser cache, especially when not using your own secured machine. If you guys can't manage to figure it out, I know I will not be the only one who will completely be discouraged from voting.

Maybe once an email has been verified, once i type it again have it accept the request instead of sending the email again. You could even go as far as an ip address and email double match.

Email verification is a new feature that we are currently testing in collaboration with RuneWild's owner.

We're doing our best to stop all forms of double voting. For that, we use many techniques. Cookies are one of them.

Cookies tell us something about a visitor's history at RuneLocus. This info helps us assess the likelihood of someone cheating.

About 90% of all voters of RuneLocus have these cookies saved in their browsers. Many of them have had them saved for months or even years, because the cookie's lifespan extends on each vote. The remaining 10% does not have a cookie set, however, the vast majority of this 10% does keep the cookie saved after voting and turns out to be a (new) frequent voter.

In RuneWild's case, this remaining 10% is being prompted with email verification. We're doing this because RuneWild had an unusually high amount of double voters that was causing unfair rankings on our list. The email verification is a one-time operation though, because after successfully voting, the cookies are added. And like I said: the vast majority does keep cookies saved.

If you decide for some reason to clear your cookies every day, or use a public computer to vote, you indeed might have to verify your email over and over. Sucks, but that's how things work. We need this functionality to guarantee a fair toplist.

There are no reliable alternatives. We already use IP addresses to limit votes, but that's easy to bypass as a double voter. These cookies or the one-time email verification aren't as easy to bypass.

You're suggesting detecting MAC addresses, but that's technically impossible for a website. Just submitting the previously used email address does won't work neither for many reasons. A double match with email + IP addresses won't work neither, because similar to your situation, someone else will come here complaining about dynamic IP address users being disadvantaged. And trust me, especially since IPv6, many people have a dynamic IP. That's a no-go for sure.

All in all, there's no way around this. You'll have to accept the continuous email verification, or else you'll just have to buy your own computer that is capable of saving cookies. We can't just disable this whole security feature for a handful of people who're using public computers to vote. That'd be the same as widely opening the doors to Incignito Browser-users with a VPN: unlimited vote cheating.

Share this post


Link to post
Share on other sites

Not to mention that, not just RuneLocus will be a problem for you, but every website where you log in, will require you to log in every time. All recaptchas will ask you for picture verification, because they don't remember seeing you, ...

Share this post


Link to post
Share on other sites
On 12/5/2020 at 2:34 AM, four_twenty said:

Please fix the email verification voting. It claims that I will only have to do it once, but I have to verify my email every time I want to vote for the server I am playing and it is getting rather annoying.

If its browser cookie based, fix it to run off network card MAC address or something else. I haven't tested if its cookie based but you can't expect people to not clear their cache.

uh, so that's why... Well, I had noticed the same problem as well.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×