Multi-accounting prevention
Multi-accounting is one person running many accounts: trial farming, incentive abuse, ban evasion, or padding out fake leads.
Step 1: Set up login and signup protection
Before anything else here, set up Signup protection and Login protection. They're the basis this builds on, and without them the policies below can be bypassed. With those in place, the rest of this guide covers the policies that stop one person from spinning up account after account.
Step 2: Add the policies
A policy has a trigger (the event it runs on) and a verdict. Add these in your policies dashboard:
| Policy | Trigger | Conditions | Verdict |
|---|---|---|---|
| Limit accounts per device | signup | fingerprint_user_count is over your limit (2 is a fair start) | Challenge |
| Limit accounts per phone | signup | more than 2 accounts on one verified phone (coming soon) | Deny |
The two policies stack. Allow a couple of accounts per device, then challenge anyone past that, with the challenge set to require a phone number so the extra account has to verify a real phone before it continues. Then cap how many accounts a single verified phone can back, and deny beyond it. A real phone is far harder to mass-produce than an email, so this is what actually slows multi-accounting down.
Keep the device limit generous: a shared computer, a family, or an office is normal, so 2 (or higher) avoids punishing real users. Per-phone account limits are coming soon; until then the device limit plus required phone verification does most of the work.
Related
- Linked accounts: the risk and the
fingerprint_user_countcheck behind it. - Coupon abuse prevention and Ban enforcement: two common multi-accounting payoffs.
- Fingerprints: how Rupt sees the shared device.
- Need help? Contact support.
- Want to see Rupt in action? Request a demo.
- Questions? Talk to sales.
- Check out our changelog.
- Check our status page.
- LLM? Read llms.txt.