| Session Tempdata vs Cookie for "Remember me" login (CI3) |
(09-05-2016, 05:50 PM)Joel Catantan Wrote: @ivantcholakov, I don't think so if I gonna do that. Lets face the reality that there are so many lazy users that just wanted to remember when login. If I remove such feature, many users asking for this and I don't want to make an effort of telling to each everyone of them. There is a way to secure some confidential transaction like payment. You may implement PIN code that only user have known. For auto login, it is important for the system to have Audit Trail (or System Trail - or whatever you called for that) to tract all sudden transactions including the login and logout. You might be surprised. Most browsers now have minimal built-in password managers/form auto-fill functionality, so if the browser can recognize your login form, most users aren't going to notice the lack of an auto-login/remember me feature. On my current site, which has been running CodeIgniter for about 4 years, I've had one complaint about this feature, and that complaint was that it wasn't working as the user expected. Since it wasn't possible to make it work as the user expected and still have some degree of security, I disabled it completely, and haven't had a single complaint about the feature being missing. |
| Messages In This Thread |
|
Session Tempdata vs Cookie for "Remember me" login (CI3) - by Joel Catantan - 09-04-2016, 06:14 PM
RE: Session Tempdata vs Cookie for "Remember me" login (CI3) - by ivantcholakov - 09-04-2016, 08:23 PM
RE: Session Tempdata vs Cookie for "Remember me" login (CI3) - by InsiteFX - 09-05-2016, 04:34 AM
RE: Session Tempdata vs Cookie for "Remember me" login (CI3) - by Joel Catantan - 09-05-2016, 05:50 PM
RE: Session Tempdata vs Cookie for "Remember me" login (CI3) - by mwhitney - 09-16-2016, 01:39 PM
RE: Session Tempdata vs Cookie for "Remember me" login (CI3) - by ivantcholakov - 09-05-2016, 09:22 AM
|
