I’d like to set up a website that authenticates users in such a way that a single person can’t (trivially) sign up more than once, but I don’t see any personal details beyond an anonymous ID. Absolute guarantees that that user hasn’t registered before aren’t needed, but there should be enough friction to put people off. Think Twitter accounts, not passports. I absolutely do not want to deal with email.

Is OIDC really the best option here?