But in the long run, nothing based on ip-banning would be able to stop a sufficiently determined vandal. Neither would relying on registered accounts. At present, stealing someone else's account would be quite easy.
How so? Brute force password attacks? We can catch these by limiting the attempts. What else?
Regards,
Erik