[rozenmd]

The fingerprinting part is to avoid double counting and using cookies - most analytics and feature flag services have something equivalent to:

hash(salt + ip_address + user_agent + some_other_unique_characteristics)

for analytics you could rotate the salt daily if you're only concerned about daily unique visitors

[jmmv]

Precisely. To be honest, the fingerprinting part was a very late addition and... I don't like it. The original version used a uuid plus a cookie, but "aaah, cookies!" so I looked for an alternative. Which sounds worse than the simple cookie approach.

One thing I'd like to do is try something like what you said server-side and compare how closely a hash of those properties matches the "accuracy" of fingerprinting. I'm only looking for something of reasonable precision during short periods of time (to avoid obvious double-counting) so if that tracked reasonably enough, it'd be a very interesting alternative.

[GordonS]

What about a time-limited fingerprint, built with a seed that rotates daily?

That way, you can only track any given visitor for max 24 hours, which often would mean tracking them across a single "visit". I'm pretty privacy conscious, but personally would be absolutely OK with this.