Design your game such that multiple accounts offers no benefit? That's really the only way.

What if two brothers use the same PC with their own game accounts. It's a totally feasible scenario which breaks your attempt to stop 'multiers'. In other words, it's not worth the effort.

What if two brothers use the same PC with their own game accounts. It's a totally feasible scenario which breaks your attempt to stop 'multiers'. In other words, it's not worth the effort.

This is why false positives must be eliminated , making job harder. But considering they'll cripple "microtransaction" revenue, it actually worths trouble. Because it also involves gold farmers, character traders etc.

There is zero possible way to detect whether two brothers share the same PC (something very common in my household) verses one user using two accounts. Or a friend visiting a friend's house. Or two college students playing from the same college IP address. Will you block the entire college? How will you know what IP addresses are colleges, and which are households?

You are either blocking legitimate customers (the two brothers or the college) or allowing in the farmers (one person with two accounts).

Not everyone with two accounts is farming, even if one player is playing on two accounts: They may have two separate characters, for fun.

Further! Even if you block all secondary accounts (including punishing legitimate customers - which is impossible to detect), you still wouldn't be blocking all the gold farmers, because in China it's not 1 farmer running 20 accounts, it's 20 farmers at 50 cents an hour in a warehouse each running one account. Impossible to detect.

(Or, for real, chinese prisoners forced to gold farm for the prison guards to sell)

Instead, design the mechanics of your game to make it less worth the hassle for gold farmers, or just block all of China (who'll just use proxy servers) and punish legitimate families of gamers sharing PCs, and still not be 100% farmer-free. You have to weigh the very real need to block pirates and farmers against annoying and outright blocking your legitimate customers. This applies to DRM, but this also applies to your game's built-in anti-hacker anti-farmer anti-griefer anti-whatever features.

Using a game like WoW for example, you gain absolutely nothing from having multiple accounts even if they were free, seeing as you only profit by actually doing something in the game. If you game is based on gathering resources over time or something than the obvious thing to do would be to design it so that you can't simply give resources away to someone.

I'm not saying WoW is a bad example and it probably has a point over some other online games but it has had and probably still has many kinds of ways of multi-account abuse. You can use your 2 accounts to farm honor in many ways including killing your other faction character(s) with your character(s), going to the multiplayer battlegrounds and forcing the other side to lose for example by taking the flag somewhere where it can't be reached or you could just fill the BG with your own characters by multiqueue. Gold farming uses the 2 factions and neutral AH for transfering and I'm sure for lots of other things.

Then there is the whole "multiboxers" issue where people can with few simple steps control 5 identical characters running on top of each other with 0 delay which is totally unfair. Can be used to boost leveling, PvP and honor farming, even some instances...

For the multiaccount problem I can't say anything but there's no solution you could hardcode into your game or completely design around the problem. People that want to will be able to find a way to abuse even if you take extreme measures in preventing it and block huge amount of legitimate players out of the game because of that.

But you have one big resource at hand that will do the job for you, in a way: the community. Everybody are competing in the same world by the same rules, they fight and try to do well. Where there is abuse there is always the one who gets abused and maybe people who witness it. I didn't skip on any of my reports in WoW when I played it, not even later on private servers. Even them could spare enough resources to be able to handle the reports swiftly and appropriately.

So build a good reporting function and find resources to handle them and community will do the law enforcing job for you.

This type of problem is nearly impossible to just "detect", first there is the case of multiple real players playing legitimately using the same computer. And any player that truly wants to multi will find a way. Reroute IP, clear cache, virtual machines, etc.

The only thing you can do, is look through players actions and detect blatant multi's. I.e, if a player sends all their resources to the same account every day or if a particular player always loses battles to the same player continuously. I am not even sure if you'd be able to do it algorithmically. Perhaps you could define and log "red flag behavior", then judge accounts with many flagged actions on a case by case basis.