how to remember user without registration

Question

I want users to be remembered on my site but I don't have any kind of signup. I want user to choose a username when he comes to the website for the first time and then for every other request from that user I want to remember the username. I tried this-

As a user can't signup using Facebook or email or anything else, I was not able to find a way to remember user. So, I mapped the user's username with his IP Address and saved it to the database. So, subsequent requests from that IP Address would tell me 'which user it is'. But then I came to know that IP Address can change when you reset your modem/connection. And for static IP Address you have to pay your ISP. Then, I am quite sure that most of the users have dynamic IP Addresses.

So, is there a way to do this? I know about cookies and sessions but I don't think that's the best way. May be I am wrong. I just want to know how big players in the world tackle this type of problem. Or maybe, what better solutions are out there to do this? Please give me directions.

Added:

As based on an answer, if I do it on basis of cookies, won't that delete user history when the cookies are removed from the browser? And if the user login in from same PC using different browsers, won't he be asked username multiple times?

Answer 1

Don't rely on IP addresses. Use an infinite cookie. In jQuery you can set a cookie to expire as follows (showing 20 years expiration - that should be enough!):

$.cookie('my_cookie', 'my_value', { expires: 365 * 20 });

If you're worried about the user clearing cookies, another interesting approach is to ask for an email address (just email, no password). Then you can email that user a link back to your site with an access token appended to the URL which authenticates that user - and store it again in an infinite cookie. This way, you always have a way of authenticating a user without requiring formal sign up.

EDIT: Reading your question again it looks like you're trying to remember a user's account based solely on what the user tells you his username is. This is not a secure approach and also will result in lost accounts. You're going to need to save something on the server, whether a unique token, password, or email address.

Answer 2

If you are not using any kind of login, there is no concrete way to remember the visiting user, here is why :

Cookies : i clear my cache, or use different browser to access the site, then, cookie logic would fail ( cookies are also browser specific )

Session : Browser is closed for sufficient time and session might get destroyed

IP : change of machine / location / modem( on same machine as last time ) will change the IP

One simple work around for this problem is to use open-id for login, this way, u wont have to worry about the credentials and this will offer a secure way to.

Check this thread on how to use open-id to embedd to a site : How to add Social login services from Google, Facebook, Yahoo etc. to my website?