Some web apps like Facebook and Gmail detect the first time we try to login from a device.
Assuming that a browser can't read machine name, and MAC ADDRESS. What kind of variables are they collecting for doing this validation?
Take the 2-minute tour
×
Information Security Stack Exchange is a question and answer site for Information security professionals. It's 100% free, no registration required.
|
|
|||||
closed as off-topic by schroeder, Xander, Mark, Rory Alsop♦ Oct 10 '14 at 20:50This question appears to be off-topic. The users who voted to close gave this specific reason:
|
|||||
|
|||||
|
as the website service panopticlick puts it "How unique and trackable is your browser?" there are many things that especially via scripting can be found out about your machine. This uniqueness estimation can include
|
|||
|
|
|
There are number of different ways that this can be accomplished. IP Addresses Typically, most host machines stay within a family of IP addresses. These addresses are assigned to your ISP, who in turn, assigns you an IP address when you purchase a subscription. If you login to your account from a different block of IP addresses, then they may know you aren't logging into their services from the same computer or phone. (You can find out by using a VPN, AOL's free software acts as a VPN of sorts for any activity done within their software if you'd like to try that.) Cookies Browser cookies can be used to track if you have visited their site with your credentials from that machine or not. They will stick a little text file with some pertinent information and they can know that way. Those are the two that come off the top of my head. Browser plugins might be possible too, they may store information much like a cookie would. =) Edit: Oh, another thing, you'd be surprised at what some software grants access to as well, from phones especially. All manner of data gets collected by giants like facebook and google, so be wary!!! |
|||
|
|
