On 23.08.2010, 0:38 Platonides wrote:
That's better than the "I don't remember what my password is since I never needed to input it, I was always logged in." reports.
This point is debatable:) At least we inform people that they should provide valid emails if they want to reset their passwords.
Instead of randomly increasing the cookies lifetime, I think that we should be renewing the cookies if the session has more than eg. 24 hours. That way, you would never need to login again if you browsed the wiki at least once in the last month.
That would require some effort, and will add another cookie that stores expiry time. A simple increase in time will be a fine solution until a complex scheme is implemented (do we want it at all? more cookies=more bandwidth). Additionally, there's still no good reason to keep expiry time short anyway.
Personally, I don't find annoying having to log in once a month. It's the CentralAuth third party cookies (+ firefox behavior) what makes them expire.
I don't use FF, can you elaborate?