No announcement yet.

Login timeouts

  • Filter
  • Time
  • Show
Clear All
new posts

  • Login timeouts

    Since the new HQ site rolled out, login timeouts seem to have been decreased to about 1-2 weeks. This seems unnecessarily short compared to industry standards - in fact, I don't think the "old HQ" even had login timeouts at all.

    It can be frustrating having to remember the password, especially for RotoPass users where we have to remember a cryptic password that we can't choose ourselves. Worse, the login form doesn't play well with the "remember password" function on certain browsers (notably Safari, both desktop and iOS), and typing the password (alternating numbers and letters) is a pain on a mobile device.

  • #2
    Login timeout is three weeks. It's the max level our software allows.

    The old site didn't remember passwords at all, you had to log in each visit. (Although you could save your password, so it was just a click-thru.)

    We've requested a 'remember password' option, but apparently that would require some significant technical work. Until then, not much we can do about this, I'm afraid.


    • #3
      If it's three weeks then that's okay I guess. I use the site on several different devices and it's hard to keep track of when I last logged in from where, so it probably just seemed shorter than it is.

      You're right about the old site - it didn't keep sessions, it's just that it used HTTP auth and browsers are much better about saving passwords in that situation, often making it invisible to the user that a password was re-sent. Not suggesting you go back to HTTP auth (it's not very standard these days, and I would guess your software doesn't support it anyway); just an observation.

      A "remember password" function in the software itself, that is distinct from merely saving your auth cookie for more than three weeks, probably isn't a good idea anyway.

      Thanks for the input though, it makes sense.