FitDay web autologouts too frequently (Admin monitored)

Reply Subscribe

Thread Tools

10-03-2011, 07:50 AM

#111

ibobi

Administrator

Join Date: Mar 2011

Posts: 569

Hi all,

Spoke with the developers a few moments ago.

The next version of FD will include a notification when the site is about to log you off, like banks do ("you have been inactive, do you wish to stay logged on?"). That's for the food logging part of the site.

For the forums, you will be able to stay logged in indefinitely.

Paul

10-03-2011, 01:00 PM

#112

VitoVino

FitDay Member

Join Date: Jul 2011

Location: 86

Posts: 1,875

Quote:

Originally Posted by IBobi

Excellent news! Thanks Paul. Hopefully it will only prompt ONCE and then leave the person logged in for a few hours at least before prompting again. Prompting every 15 minutes won't be too cool either.

10-03-2011, 07:22 PM

#113

helveticat

FitDay Member

Join Date: Aug 2011

Posts: 36

Quote:

Originally Posted by IBobi

The next version of FD will include a notification when the site is about to log you off, like banks do ("you have been inactive, do you wish to stay logged on?").

Thanks a lot for coming back on this, it's really appreciated. What's the purpose of adding a popup, though? Why not just expire the cookies when and only when the session's closed?

10-04-2011, 05:26 AM

#114

ibobi

Administrator

Join Date: Mar 2011

Posts: 569

Same as with a bank -- security. Prevents someone from wandering over to your computer while you're logged in forever and seeing your data.

10-04-2011, 08:17 PM

#115

howitzer9

FitDay Member

Join Date: Sep 2011

Posts: 8

Quote:

Originally Posted by IBobi

Same as with a bank -- security. Prevents someone from wandering over to your computer while you're logged in forever and seeing your data.

But unlike a bank who are financially at risk, with Fitday members it is we who own what is seen on the screen. It is the members who would lose out if an interloper changed something on screen.

So it should be the members who control the level of security they require on their own data. No?

10-04-2011, 11:24 PM

#116

helveticat

FitDay Member

Join Date: Aug 2011

Posts: 36

Quote:

Originally Posted by howitzer9

So it should be the members who control the level of security they require on their own data. No?

Amen. The same principle's used by Amazon, Facebook, Google, Yahoo and 100s of other sites that make sensitive information available when you're logged on.

Plus, if you leave your computer unlocked for long periods in a public place you're leaving your email, documents etc etc open to theft. The security issue here is "leaving your session unlocked and unattended in a place where there are people you don't trust", not "one website not logging me out after 30 minutes of inactivity, during which anything could have happened".

Just my 2c, but I'd say trust your members and make the site more usable.