I am implementing a voting system and need some input from fellow programmers. Do you see anything that could go wrong by having users input a valid email and perhaps have a captcha to stop automated voting instead of a traditional login and vote?
Asked
Active
Viewed 221 times
2 Answers
2
- How will you know the e-mail is valid? They get e-mailed a link and must follow it?
- How do you know if a user has more than one e-mail address?
CashCow
- 1,630
0
It depends how important your voting system is. Does it matter if users can rig it a little bit?
How secure do you need it to be?
"Vote for the best album of 2011 so far" - it doesn't matter too much if people vote twice but "vote for the new president" and maybe it does.
If one user has multiple email addresses then simple email will fail - as a fairly average modern user I could - if I cared enough - vote five times with that arrangement.
As there is no solid way of guaranteeing user identity online, however, you are going to have to choose where to compromise based on the risk that rigged voting would entail.
glenatron
- 8,689