Feature request -- Add option to stay logged in

[fasttimes]

Currently the portal logs you out due to inactivity.  Can you add a checkbox called stay logged in below remember me so that the portal won't log you out?  Most sites allow this (like ITTT.com). 

 

Thanks

[stusviews]

Like banking, leaving the portal open may present a security risk. Although inconvenient, I'd vote for keeping it the way it is

[Michel Kohanim]

Hi fasttimes,

 

It's really a huge security hole especially for mobile devices. it's one thing to let customers choose to have the browser save their username/password. It's completely another to let a session linger on for eternity on the server.

 

With this said, I must humbly not accept the feature request. So sorry.

 

With kind regards,

Michel

[fasttimes]

Hi fasttimes,It's really a huge security hole especially for mobile devices. it's one thing to let customers choose to have the browser save their username/password. It's completely another to let a session linger on for eternity on the server.With this said, I must humbly not accept the feature request. So sorry.With kind regards,Michel

How about increasing the timeout period to an hour? It is a major pain in the neck working with scripts, IFTTT, etc with it timing out on me each time and then i have to navigate back to the same spot.

[Michel Kohanim]

Hi fasttimes,

 

Does it timeout on you while you do things on the Portal? Or, is it when it's idle?

 

With kind regards,

Michel

[fasttimes]

Idle. I'm usually working with the admin interface, Alexa or IFTTT trying to get something working. It is not unusual to not come back to the portal for 15 minutes.

 

After it logs me out I have to navigate back to whatever screen I'm working on

[Michel Kohanim]

Hi fasttimes,

 

Got it. Thanks. Let me discuss with our security expert.

 

With kind regards,

Michel

[jtara92101]

Idea: persist the user's page selection in the portal on the server, cookie, or localstorage (localstorage is probably best), so that when they log in again, they are in the same place.

 

Optionally, persist navigation history as well. (window.history)

 

This at least makes it less painful when they have been logged-out.

 

Since many/most users probably use a password manager or let their browser save passwords, it seems to me the bulk of the burden is the re-navigation, not re-logging-in.

Edited April 10, 2017 by jtara92101

[fasttimes]

Idea: persist the user's page selection in the portal on the server, cookie, or localstorage (localstorage is probably best), so that when they log in again, they are in the same place.

 

Optionally, persist navigation history as well. (window.history)

 

This at least makes it less painful when they have been logged-out.

 

Since many/most users probably use a password manager or let their browser save passwords, it seems to me the bulk of the burden is the re-navigation, not re-logging-in.

The navigation is indeed the annoyance. Persistence of some sort would make it more palatable. Personally I would have developed the pages to use a more RESTful Uri pattern. So if your session times out, a new call would bring you to an authentication page and then bring you right back to where you left off. That would prevent the use of the pop-up modal dialogs, but that is a good thing IMO. The current design looks like it is a single web-page application so it would probably require a rewrite to use such a pattern. The easiest thing to do would be to bump up the timeout period.

 

15-30-60 minutes, there is little difference. "We've already established that you ARE that sort of woman, said Mr Churchhill. Now we are just neogotiating on price"