We won't log you out

wontlogyouout.pngMost sites have a “Remember me” checkbox of some sort, which will store a permanent cookie, rather than a session cookie, so you don’t have to login again the next time you visit.



JPG magazine takes that a step further with the following note:



“We won’t log you out automatically, so if you share this computer with anyone else, be sure to click “log out” (at the top, right of every page) when you’re done.”

1 comment

Seems a touch dangerous... I always liked the idea of the <a href="http://openacs.org">OpenACS 5</a> persistant login, where there are two levels of authentication. The basic level never timed out, but the higher level (required for eg. write operations rather than read-only operations) timed out. When you hit a page or operation requiring the higher level you would be asked to confirm your password. The actual implementation had a few tricks, but done well can lead to an excellent (and safe) ui. LinkedIn.com uses the same concept to good effect. In fact if I remember correctly, Lars you may have implemented the two level auth?
By Mark Aufflick on Sun, Oct 08, 06 at 17:14 · Reply
  Cancel

Leave a comment