---
title: Linked accounts
description: Linked accounts are separate accounts that share identifying state (most often the same fingerprint) when they should be independent. Useful for catching multi-accounting and ban evasion.
---

# Linked accounts

Linked accounts are accounts that look independent but share identifying state underneath. The clearest case is one [fingerprint](/docs/v3/concepts/fingerprints) showing up across accounts that should belong to different people. That's the signature of multi-accounting: one person running many accounts to farm referrals, dodge a ban, stack free trials, or stuff a vote.

Rupt scores this risk on every [action](/docs/v3/concepts/actions) (`login`, `signup`, and `access`) because the same person can resurface at any of them.

## What Rupt looks for

- **Shared fingerprint**: how many distinct users a single [fingerprint](/docs/v3/concepts/fingerprints) has been seen on. One device behind one account is normal. One device behind a dozen accounts is not.

## Severity and response

The check feeds a `linked_accounts` [risk](/docs/v3/concepts/risks) severity. Shared devices have innocent explanations, like a family computer or an office machine everyone logs into, so the count matters more than the sharing itself. A handful of accounts on one fingerprint is plausible; dozens is a ban-evasion ring. Most teams [add the device to a list](/docs/v3/concepts/lists) for review and escalate to a [challenge](/docs/v3/concepts/challenges) or `deny` as the count climbs. Your [policies](/docs/v3/concepts/policies) decide where normal ends.