Originally posted by flexmoreIn the top right hand corenr of the screen is the 'log out' link. You MUST use this at the end of every session on a public computer. Same goes for most sites really. If you log out the next person would need to enter your email address and password.
When i just shut my browser, i remain logged into rhp. Can i change this? It seems possible that another user might then access my acct -god knows whether they could play worse than me!
The possiblilty especially occurs when rhp goes down for maintainence.
I once had to pay for another session in an internet cafe just because I'd run out time while I was trying to log out of a site.
Andrew
If rhp goes down before you hit the log out button you will have to delete the cookie called: 'Cookie:your_WinNTusername @www.redhotpawn.com/'.
A quick way to delete all cookies and temp internet files for your WinNT user via Internet Explorer is in Extra > Internet Options > Temp Internet Files, Delete Files ... > OK
(sorry if the translation of the menus is not correct I'm on a German IE here.)
A longer way where you just delete the single file via IE: Extra > Internet Options > Temp Internet Files, Advanced > show files. Delete the file 'Cookie:your_WinNTusername @www.redhotpawn.com/' in that directory.
Gotti
Now I know why I've started having to log on each time I switch between home & work computers. I really hate seeing those flashing ads while I persuade this clapped-out keyboard to let me type my email address and password 🙁
Any chance of an optional super-cookie? Or maybe a cookie per RHP brand? I'm guessing this would be tricky though, and I can see that the new cookie policy does make things safer for some people.
Originally posted by RolandYoungI have to admit, it is a little bit of an inconvenience to me too (I use multiple machines, with multiple browsers, with multiple branded sites - now I can only be logged into one at any one time) - but it is far more secure as it is now.
Now I know why I've started having to log on each time I switch between home & work computers. I really hate seeing those flashing ads while I persuade this clapped-out keyboard to let me type my email address and password 🙁
Any chance of an optional super-cookie? Or maybe a cookie per RHP brand? I'm guessing this would be tricky though, and I can see that the new cookie policy does make things safer for some people.
-Russ
Originally posted by Russsorry but i found it quite annoying this forced login. it is everyone's responsibility to logout when using a "public" pc.
I have to admit, it is a little bit of an inconvenience to me too (I use multiple machines, with multiple browsers, with multiple branded sites - now I can only be logged into one at any one time) - but it is far more secure as it is now.
-Russ
For me this change presents no problem, but I can see why it is an inconvenience for some.
Russ, how about this - would it be possible to put a check box option in (for example) "My site settings" that you could use to either allow or disallow multiple logins?
If "allow multiple logins" was checked, then the cookies would work as they did before, and if unchecked, then old cookies would be invalidated by new logins.
Should such a thing be implementable without an inordinate difficulty, it could be a solution to the problem.
-Jarno
Originally posted by eteckaBTW : The changes I made yesterday were not driven by the first post in this thread, it was just coincidence.
sorry but i found it quite annoying this forced login. it is everyone's responsibility to logout when using a "public" pc.
Further to what I just said in my previous post, I suppose there does need to be a balance. It is only a chess site, you are not managing your bank account, so maybe I could do this :
I could add a button somewhere (‘my home’ probably) which can be used to log yourself out of all other browsers. Otherwise, you remain logged into every machine you use and don't explicitly log out of.
Or, probably better, clicking the log off link will log you out of every other browser that is left in a logged in state? So log in many times, log out once…
Comments?
It sounds like an emergency rip cord. As such, not something that should be standard integrated functionality.
This provides users with the method to remotely log out of any other computer that might have their credentials logged in. But clearly, for me at least, I have three computers that I'd like to have remain logged in. I don't want to be automatically disconnected.
How about a check box, (need another db field or if you have some sort of expando property set up already stick it there) for people that want to always sign out (essentially making thier login a session variable instead of a cookie) and then a button that could actually cancel all the other logins.
just thinking.
Originally posted by Russ...that sounds ideal. BTW while I have your attention , NZ is now 13 hrs ahead of GMT with the commencement of daylight saving so the drop down needs another option ( +13) crazy eh?
Or, probably better, clicking the log off link will log you out of every other browser that is left in a logged in state? So log in many times, log out once…
Comments?
[/b]
BR,s skeeter