› UKTH forums › UKTechHub News & Information › Welcome to UKTechHub News & Information After a suggestion from a forum member to try to keep members updated with changes (improvements) that I making to this forum. I have created this new main Forum called... › Reply To: Welcome to UKTechHub News & Information After a suggestion from a forum member to try to keep members updated with changes (improvements) that I making to this forum. I have created this new main Forum called…
Initial thoughts:
So had a look at extending the time a forum member can remain logged in even after they shut down their browser, from a technical perspective, when you log in to a website it creates a session, which is usually identified by a token within a cookie. Often, these cookies are set to expire after a certain period of time or when the browser is closed.
Now currently UKTechHub’s is set to log out whenever the browser is closed (I believe), if this time period is changed to say a day, week or month, then if a forum member is using their own equipment, this is not such a security concern.
But….
Now the concern is if the forum member is using a shared or public computer there is the possibility that as the cookie/session are still active, the forum members account could be compromised, moreover a non-shared device that also has an active cookie/session that is then compromised (hacked) could also lead to the forum account being compromised (but is less likely).
Websites that deal with money, such as banks and e-commerce need to log users out promptly to prevent unauthorised access.
There is also a server impact but as I only have a small forum currently, not a consideration currently.
Thoughts most welcomed from all ?
In a completely sane world, madness is the only freedom (J.G.Ballard).
You need to login in order to vote