Easy guest accounts = easy abuse?

Scenario

I am building a node.js/socket.io (express.js, mongodb, passport.js, socket.io) web game. Users have to login before they can play.

I am thinking of having a big "TRY NOW" button on the front page that uses socket.io to create a randomly named guest account in mongodb, and log players into the game with it. This guest account is destroyed within say 48 hours unless the user registers it.

One way to abuse this might be to write a script that repeatedly clicks the "TRY NOW" button to flood my database with guest accounts.

Question

Is there a way to avoid this without a full blown registration? I could put a captcha next to "TRY NOW" but I would rather not use it unless I really have to.

node.js
socket.io

There are some ways you could do that without CAPTCHA, but it isn't the perfect solution.

You can set a cookie with sessionid for that client that is persistant with time. This session id could block the "TRY NOW" button if the user has a session. This could be bypassed by another browser where your cookie won't be stored. Or just if the user deletes the cookie
Not recommended, if you scan the user IP Address and implement flood protection ( e.g. this IP Address could hit that button in 10 minutes else it would block it ). But this would be very unpleasant for shared and under NAT. Consider Not doing this.
Else you could consider scanning activity of the new formed user and if there is no activity at all in the first minutes their account is destroyed and it should be created again.

Pretty much those are ideas that might be working.