Safeguarding the past, present and future of RISC OS for everyone
Account
News | Downloads | Bugs | Bounties | Forums | Library

Previous|Next

  • Tickets
  • » Ticket #108

Ticket #108 (Fixed)Sat Jan 20 19:49:56 UTC 2007

Increase the Hub login timeout

Reported by: Rob Kendrick (86) Severity: Enhancement
Part: Web site: Hub (single sign-on mechanism) Release: 2nd public site release
Milestone: 2nd public site release completed Status Fixed

Details by Rob Kendrick (86):

It’d be nice if I could tick a box in the login page to store a cookie in my browse such that I don’t need to log in again on another visit. May also need to then provide a “log off” button.

Changelog:

Modified by Andrew Hodgkinson (6) Mon, January 22 2007 - 14:41:56 GMT

“Remember me” schemes are notoriously problematic from a security standpoint – e.g. consider the internet café problem – which is why I haven’t yet implemented it. If it’s a major problem logging in for a large body of users it might be worthwhile but it is difficult to get right (so I won’t close this ticket just yet – it might get implemented).

There is already a “log off” button; when logged in, click on the “Account” icon at the top right of the header on any page. You’ll get to your account management pages, which include a “log off” option.

Modified by Andrew Hodgkinson (6) Mon, January 22 2007 - 14:42:21 GMT

  • Release changed from Prototype site to 2nd public site release

Modified by Andrew Hodgkinson (6) Mon, January 22 2007 - 14:44:00 GMT

  • Milestone changed from Unspecified to 2nd public site release completed

Modified by Rob Kendrick (86) Tue, January 23 2007 - 21:50:24 GMT

The internet café problem is why I suggested that it be optional. It should also default to off, as well as perhaps giving the user a warning that they shouldn’t use this feature on shared machines.

(Although the security of logging onto such things from a shared machine is questionable anyway.)

Modified by Andrew Hodgkinson (6) Wed, January 24 2007 - 21:42:29 GMT

Yes indeed. I notice that some sites have a half-way house, which does keep the user logged in for longer, but still not forever – one or two days, perhaps. In addition to your suggestions above, I think we’d be getting close to the right balance of utility and security.

Modified by Trevor Johnson (329) Wed, January 12 2011 - 14:03:03 GMT

  • Status changed from Open to Fixed
  • Summary changed from Option to log on "permanently" to Increase the Hub login timeout

I notice that some sites have a half-way house…

…increased the Hub login timeout from one to four hours

  • Comment on, or change status of, this ticket

Previous|Next

Search tickets

Social

Follow us on and

ROOL Store

Buy RISC OS Open merchandise here, including SD cards for Raspberry Pi and more.

Donate! Why?

Help ROOL make things happen – please consider donating!

RISC OS IPR

RISC OS is an Open Source operating system owned by RISC OS Developments Ltd and licensed primarily under the Apache 2.0 license.

Options

  • Tickets
  • New ticket
  • Milestones
  • Subversion: Changesets
  • Subversion: Browse
  • CVS: Revisions
  • CVS: Browse
  • Search

RSS feeds Rss

  • Tickets
  • Everything!
  • More feeds...
Contact Us  |  About Us

The RISC OS Open Collaboa theme is distantly based on the Collaboa default layout
Site design © RISC OS Open Limited 2024 except where indicated

Hosted by Arachsys

Powered by Collaboa
This site runs on Rails