skip to Main Content

I have asp.net web api used by mobile app. In facebook I see notifications like “access to your account from new device“. I want to implement the same. Device could be connected to different wi-fi or 3G so to use ip addrress is not good. How to define access from new device and remember it for future in “trusted devices”?

2

Answers


  1. You could look at a combination of pieces of data to uniquely identify see EFF’s website on browser fingerprinting.

    But the common approach is to set a cookie and check if it is present in future visits.

    Login or Signup to reply.
  2. You need a unique identifier for each device.

    In case of a computer it could be a mac address, if it’s a mobile device they each have a unique identifier you could send together with the request.

    You would then keep a list of these IDs on the API side and every time a request comes in, just check if that ID is in the list you already have. If not then there it is .. new device.

    Here is another discussion which could be relevant to your scenario : What is a good unique PC identifier?

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search