Session lifetime

lacisoft · August 21, 2013, 11:19am

I find it very annoying that the AS system logs me out every now and then and i have to re-login.

I'm perfectly fine with logging in once a day or at every 8 hours or so, but every hour is a little bit too much don't you think ?

Is there any possibility to increase the session lifetime to at least 4 hours ?

SovietSplicer · August 21, 2013, 1:32pm

I don't think it's that big of a problem, it takes around 10-20 seconds to log in.

lacisoft · August 21, 2013, 1:40pm

20 seconds multiplied with a few times a day adds up. That's time wasted. Maybe you have too much time on your hands, i don't.

FENCC01 · August 21, 2013, 1:50pm

You might visit other sides where you have to login and, after noticing that it always goes like this, come back and be happy?! :D

You always have to relogin after 5 minutes, or 10, 30, 60... That has security reasons...

lacisoft · August 21, 2013, 2:06pm

@FENCC01

Which sites are we talking about ? I login to Gmail about once every month and always keeps me logged in even if i shut down my computer and restart it. Same thing with Yahoo or Facebook or most of the other websites. It's not necessary from a security viewpoint unless you have a poorly designed website.

You should know that i earn a living writing web applications so i know what i'm talking about.

martin · August 21, 2013, 2:47pm

"Remember me" functions are fine when used on a home computer that's kept save from intruders. But no one can guarantee this nowadays (especially non-professionals) and many of our players would typically use their account on public or semi-public computers. Leaving a single access token there is negligent from a security point of view. One could argue that AS is a game and as such doesn't have to be protected like, say, online banking. But I see it as a part of the "web of trust" in that someone capturing an AirlineSim account can act like the righteous owner.

The reason why Facebook, Google and Co don't care is because you are not their customer. Their ad-customers are and their main interest is to keep you engaged, not safe.

Helix · August 21, 2013, 2:52pm

With auto-fill it takes less than 20 sec. I’d say 3 at max. That is too much? Even if you login every hour of the day it’s a minute a day. C’mon

Banff · August 21, 2013, 3:53pm

I agree with forex. It's less than 3 seconds to press login.

And personally due to my work, I log on to more than 20 different computers to play AS. I would hate to see my airline go down, because someone suddently comes across it. (I’m a paramedic, so I can’t always logout, I just have to run). So for me, this safety issue is very supportive!

Kahael · August 21, 2013, 6:03pm

@FENCC01

Which sites are we talking about ? I login to Gmail about once every month and always keeps me logged in even if i shut down my computer and restart it. Same thing with Yahoo or Facebook or most of the other websites. It's not necessary from a security viewpoint unless you have a poorly designed website.

You should know that i earn a living writing web applications so i know what i'm talking about.

... well, Gmail do it to share the information saved in your mailbox with intelligence departments in US and GB. :ph34r:

FENCC01 · August 21, 2013, 7:45pm

@FENCC01

Which sites are we talking about ? I login to Gmail about once every month and always keeps me logged in even if i shut down my computer and restart it. Same thing with Yahoo or Facebook or most of the other websites. It's not necessary from a security viewpoint unless you have a poorly designed website.

You should know that i earn a living writing web applications so i know what i'm talking about.

I meant that anyone can sit at your computer and "be you" if you are logged in 24/7. Doing bad things and stuff... and well, if you use "Remember me" functions like mentioned it takes maximum 3 seconds. What you should know then... ;)

lacisoft · August 22, 2013, 7:43am

Well there are cases and cases. Some people use multiple computers, some don't. I go everywhere with my laptop and no one else will use it. So i would like to be logged in.

I understand that this is a problem for some of you but there is also the approach used by some websites to have a checkbox under the login "Remember me for 2 weeks" and then you don't have to login every time.

… well, Gmail do it to share the information saved in your mailbox with intelligence departments in US and GB. :ph34r:

You can rest assured that the government will read your mail even if you're not logged in :)

vortexbased · August 27, 2013, 10:05am

You could use a browser plugin like “Tab Auto Reload” for Firefox or “Easy Auto Refresh” for Chrome, then just set it to reload one tab you don’t use.

sk · August 27, 2013, 10:19am

Dangerous hint - this might result in a mix up if you have several airlines ;)

vortexbased · August 28, 2013, 3:16am

ha… true. That didn’t even cross my mind. However, this works fine for someone who only has 1 airline… a n00b like me