Hello,

 

I saw the IFTT announcement and tried moments ago to login to the portal. Upon doing so noticed a new pop up message that indicated do you want to stay logged in.

 

I never got the chance to say yes and the portal continues to log you out over and over again.

 

 

Hello,

 

I saw the IFTT announcement and tried moments ago to login to the portal. Upon doing so noticed a new pop up message that indicated do you want to stay logged in.

 

I never got the chance to say yes and the portal continues to log you out over and over again.

 

My apologies.

 

This is fixed now.

 

Benoit.

My apologies.

 

This is fixed now.

 

Benoit.

 

Hello Benoit,

 

So very close but no cigar still happening . . .

Hello Benoit,

 

So very close but no cigar still happening . . .

 

Please reload the page.

 

Benoit

Please reload the page.

 

Benoit

 

Hello Benoit,

 

Hard reloaded and cleared the web browser cache on Chrome and its fine now. Should there be a *Stay Login* message option available somewhere now?

 

I am not prompted at all and see no method to enable this feature which is most welcome!

Hi Teken,

 

The auto logout fires after 14 minutes of inactivity, offers a 1 minute grace period to stay logged in, and if there is no response, it logs you off.

 

It is a security measure that is not configurable.

 

Benoit.

Hi Teken,

 

The auto logout fires after 14 minutes of inactivity, offers a 1 minute grace period to stay logged in, and if there is no response, it logs you off.

 

It is a security measure that is not configurable.

 

Benoit.

 

Hello Benoit,

 

Understood and appreciate the insight perhaps this needs to be called out some where for users. As most people who see the pop up message would assume the message indicates stay logged in until such time as the users wishes to leave.

 

Just trying to avoid misunderstanding and support calls . . .

Edited January 30, 20169 yr by Teken

FYI, this has been there for months.

 

It's just that I had temporarily reduced the delay significantly to test something.

Is it possible for the portal login to save the email address? It's kind of a pain to type it in every time.

Is it possible for the portal login to save the email address? It's kind of a pain to type it in every time.

 

Hello Bob,

 

We want the portal to be as secure as possible, so that would go against the purpose.

 

However, browsers like chrome will allow to cache the user and password, and fill it for you if you wish to do so.

 

Benoit.

Benoit,

 

I understand (and encourage!) Security first - but there are ways of providing a 'Remember Username' check box on a logon form, then encrypting the username using a symmetric key (with timestamp and nonce) in a cookie to persist it in the browser.

 

When the cookie is received in the future, you (and nobody else) can decrypt it, obtain the timestamp to determine if it has expired (only allow the next 30 days, for instance) and use the value to pre-populate the username. There is no loss of strength as a result of this.

 

After a successful logon, you resend the username encrypted cookie with a new timestamp and nonce - providing another 30 days of remembering the username.

 

I actually suspect it would be more secure than having Chrome remember it - and its use would be optional.

 

Michael.

If that can't be done perhaps allowing a longer session could be done. Instead of the 1 minute extension let it reset the 14 minute login time.

 

Being prompted to extend the session by one minute isn't very useful for most people.

 

 

In the end, we will remember not the words of our enemies, but the silence of our friends.

For some reason, Firefox won't remember my login name from the portal, although it works for most other sites.

 

Companies like Fidelity, Bank of America, and American Express have a "Remember Me" check-box. If it's good enough for them...

Hello everyone,

 

Thanks so very much for the feedback. So, the only thing you are asking to be stored is the email address, correct? If so, should there be a timeout on the cookie?

 

With kind regards,

Michel

I like the method described by MWareman.

 

 

-Xathros

 

Sent from my iPhone using Tapatalk

Hello everyone,

 

Thanks so very much for the feedback. So, the only thing you are asking to be stored is the email address, correct? If so, should there be a timeout on the cookie?

 

With kind regards,

Michel

 

Yes, just the email. I don't see much benefit to applying a timeout, since it would be on a local machine.

Benoit,

 

I understand (and encourage!) Security first - but there are ways of providing a 'Remember Username' check box on a logon form, then encrypting the username using a symmetric key (with timestamp and nonce) in a cookie to persist it in the browser.

 

When the cookie is received in the future, you (and nobody else) can decrypt it, obtain the timestamp to determine if it has expired (only allow the next 30 days, for instance) and use the value to pre-populate the username. There is no loss of strength as a result of this.

 

After a successful logon, you resend the username encrypted cookie with a new timestamp and nonce - providing another 30 days of remembering the username.

 

I actually suspect it would be more secure than having Chrome remember it - and its use would be optional.

 

Michael.

 

Hi Michael,

 

After discussing it with Michel, we are adding this to the development queue.

 

Thanks for the suggestion.

 

Benoit.

After discussing it with Michel, we are adding this to the development queue.

 

Now That's the kind of quality service that we've come to expect from UDI !

 

Thanks!

Thanks Benoit (and Michel)! It's customer service like this that keeps me coming back for more...