No announcement yet.

Your Thoughts Please - vB login

  • Filter
  • Time
  • Show
Clear All
new posts

  • Your Thoughts Please - vB login

    Hello Forum,

    I was just interested in peoples opnions on when and how or when the remember me fearure should be used. I will explain my situation...

    I have spent many weeks trying to understand the VB login process so I can intergrate to the rest of my site. I now have on my site to be able to use your VB login, and use the usergroup priv to alter aspects of the site outside of the vb foums software. My site is a links based site where people can add blogs and actually edit other people pages and sites. With all this in mind I am concerned about add the remember me feature on the login now. I understand fully how it works with cookies and all that -

    do you think people prefer a remember me feature that times out, or a requthentication page when you want to do something important.

    I am worried / concered that a mod or another priv will acdentially leave then selfs logged in, and somebody alter the whole content of the site and changes many other databases on ther server.

    As far as I see it, I got to option, either remember switched off ( log in everytime the sesssion times out), or reauthentication when soemthing important needs doing ? (ask for the paswword again)

    what do other people think ?? - I want the most professional approach without forgetting the security


  • #2
    vBulletin chooses reauthentication (and 60 min automatic log outs) with the admin control panel. That seems like a reasonable choice - you can't do most extremely destructive stuff without it. Even so, it's no excuse for lax backups.
    MTG | Forums


    • #3
      It actually either uses the default cookie timeout for the board (15 minutes) or the hour option if you have the switched turned on.

      We require full reauthentication in the admincp, not just the cookie and we then create a seperate cpsession.
      Scott MacVicar

      My Blog | Twitter