Alts (AKA alternate accounts) exist in pretty much every online and offline service, from Second Life to Social Security. Usually, identifying an online alt is just a little bit easier than identifying an offline alt.
Now, first things first. There’s no completely reliable method, while online alts are easier to identify, it doesn’t mean that they’re easy to identify, in an absolute sense.
Common alt-detectors usually rely on the IP-addresses (that is, the IPv4 Internet addresses) of multiple users, and that’s very unreliable indeed, if for no other reason than IP-addresses often change. Also, with the global scarcity of IPv4 addresses, an increasing number of people will share a common network address. Most business and educational networks keep their users behind a public front address (or a small handful), so it isn’t unreasonable for ten thousand or more people – who may not know each-other – to have the same IP address on a given day, if they all attend the same university, for example.
Plus, of course, with cable network addresses in the world being dynamically allocated, it is relatively trivial to get a new one – which might be the address last used by another person who uses the same online services… or not.
Now, I’ve had alt-troubles before, a couple of times. I’ve never had to rely on gadgets to successfully discover the user behind them. That isn’t to say that it was easy. There’s no golden rule for making the identification, but the most telling cues for me when determining the identify of an alt are: knowledge and wrist.
Knowledge is fairly self-explanatory. A lot of people who use alts maliciously frequently slip up and demonstrate knowledge that could only be possessed by a small number of other people. Sometimes by only one other person. Just paying a little attention can help you narrow it down.
The other factor is ‘wrist’. The term
‘wrist’ ‘fist’ originally referred to the distinctive speeds and rhythms of Morse and telegraph operators as they tapped out code sequences. Each operator’s wrist fist was unique, and operators could identify each-other by it, even in the absence of other identifying information.
After the advent of keyboards and teletypes, ‘wrist’ (a new name for essentially the same phenomenon) has been used for authentication purposes with keyboards as well, with software measuring the timing between different pairs of keys for individual typists. It proved quite easy to determine one typist from another.
Now, you or I don’t have access to that fine sort of detail, but what we do generally have access to are the sentences that an individual user types. Given our educations, backgrounds, moods and vocabularies, we – as people – tend to choose our words in particular ways. We use some words commonly, and others rarely, we tend to make certain typographical errors over and over again, and make repetitious errors in our selections of written homonyms or punctuation. That’s someone’s ‘wrist’.
In short, even when we’re pretending to be someone else, everything about the way we write marks us as an individual. You might try to conceal your style, but whenever you lose concentration, you’ll reflexively slip back to your individualistic, default style. Look through what I’ve written here, and compare it with other things I’ve written. You’ll see key phrases that appear over and over again.
While you might think of this as a cop-out, I’ve always found that the best way to identify an alt is to simply pay attention. Pay attention to what is said and how it is said, and compare that with the knowledge and wrist of your suspects. With a little practice, it isn’t actually all that difficult, and – quite frankly – most people using alts for malicious purposes just really aren’t all that smart.