Green_Beret, you forgot about 10 captcha that needs to create account. Need to understand that theres no way to identificate peoples on the internet unless internet passports will exist. But we can make registration harder - 10 captcha, unique email, something else? The main point is to make griefing much harder than kick'o'baning.

IP ban is ridiculous because there can be over 9000 players from one IP. IPv6 ban, maybe. But not IPv4.

Then IP ban will help.

I doubt there will be idiot arsed enough to change IP to troll people in blocky little voxel game.

I know RSA but I don't get how your suggestion would prevent the player from creating a new account and play again. What's the connection between the private-key and the player? Only the email-address? Or also some machine-hashsum?

1) /k shortcut for /votekick
2) RSA-keys based authentication. User must enter captcha 10 times at ace-spades.com, then he get his private key. When he logs in to a server first time, server asks ase-spades.com for user pulic key. When user logs in second time, server dont asks ace-spades, but get user public authentication key from local cache.

After %kickcount2ban% times user gets banned from the server forever and ever.