>>5 >>6 That's what tripcodes are for. If there is uncertainty that the same username is the same person, just check their code. Unless someone is a really really good guesser, or actually cares enough to actually phish, brute force, or keylog to try to steal a tripcode, which is not as important as a password, then the likelihood that anyone other than the original user will use a certain username and tripcode.