moderated Re: Update login expiration on site visit #suggestion


Toby Kraft
 

Yet another thread that should be put to bed with no changes to the site....

The groups.io Terms of Service, Cookie Policy states (emphasis added):
Essential Cookies

These cookies are strictly necessary to provide you with services available through our Site and to secure our Site:

Domain Cookie Name Expiration Description
groups.io groupsio 30 days Authentication
groups.io flash 30 days Flash messages
groups.io cookieconsent_status 365 days For cookie consent
Circumventing the 30 day re-authentication requirement (which is what the auto-renew cookie change would allow) would reduce the site security and, in my opinion, would be ill-advised.
We're talking only 12 logins a year.  And the auto-renew wouldn't help infrequent users as they would not have been on recently enough to refresh the expiration anyway.  
I do support changes to provide a better user experience when links from an email are clicked.  Adding a term to the URLs in the email could accomplish that (page logic could be something like - URL says this came from a subscriber email but the authentication cookie is missing so let's should display an appropriate message perhaps "Please login to view this message in your group.").  Improving the communication to users when this happens would aid the inexperienced users.
Toby

Join main@beta.groups.io to automatically receive all group messages.