Defenestration attempt following Log in timer running out.
C
Chris
Luckily the window was closed and the laptop robust.
This was the most frustrating time it has happened, and I appreciate the security with 2FA and logging out after inactivity. But I feel like it should be after inactivity, instead it appears to be after 24 hours from when I logged in. Which is task dependant and so not always 9am.
Am I wrong? is if following inactivity? or is it Since logged in? If it's inactivity, why would I need to login in again when being active at the time of being required to log in again.
I don't see an error message, I should have grabbed a screenshot but the ricochet made it impossible. I remember seeing through the red mist a pop-up with both options resulting in the page being refreshed and log in required, one option was 'leave'.
I've seen it before, but usually all i lose is an items card worth of work. This time it was a load of html I'd written on a collection page.
Considering laptop corner protection
Neil McQuillan - CEO Citrus-Lime
Chris,
Your wording has made me chuckle, I've come close to destroying laptops in the past.
The token in Cloud MT lasts a hard 24 hours at the moment, we don't automatically refresh it. If we had an idle timeout instead what would you suggest?
Saving any work in progress would be better, but I don't think that's technically viable.
C
Chris
Neil McQuillan - CEO Citrus-Lime Thanks for the reply, I'd rather laugh than cry.
The problem with the 24 hour timer is we've no idea when it's going to run out. If we knew then we could save, go make a brew and come back to log-in again.
Honestly the solution I've given no thought to. Looking at it with a cooler head today, best I can come up with is an 8 or 9 hour inactivity timer would cover most work days and refresh overnight. Or a known set time like 4am, if that's possible.
I could be alone in this and admitting poor practice but I tend to leave a couple of tabs open ~100, if i've not finished what i'm working on, so I can pick up where I left off the next day. Everything is saved but not closed.
Does logging out even terminate the token? If I log in at midday on Monday, log out at 17.30 Monday, then log in at 9.00am Tuesday would I be creating a new token at 9.00am Tuesday or will i be on the same one created at midday on the Monday... This is giving me a GCSE Math problem vibe!
R
Richard T
Chris we've had to turn off 2fa as it's just not right compared to other sites. other sites have 7 / 30 days options and it should be someitnhg similar to this rather than 24 hours. i like your idea of a timer too!