Log in

No account? Create an account

Previous Entry | Next Entry

Login Interface - Remember me

I have noticed a lot of sites make the same mistake with an option on their Login interfaces. Most sites these days have an option to "Remember me" when I login. This option sets a cookie that essentially keeps your login valid for a longer time. If you check this option then chances are you will not see the login screen again for a long time. If you never check this option, then you will see the login screen more frequently.

Some sites have the "Remember me" option checked by default and I believe this is a mistake. If I prefer to log in every time I access a site, I shouldn't have to uncheck this option every time. For those people who select "Remember me" it should be quite some time before they have to login again and select the option again. Also, I think people should explicitly set "Remember me" as it is telling the site that you trust the current computer you are on, and it is safer to assume that the current computer is not trusted by default. Lastly, if sites are smart they should be able to tell if the current browser previously had a "Remember me" cookie set and perhaps default the option to on if it was previously set.

Vox.com and eVite check the option by default.



( 4 comments — Leave a comment )
May. 1st, 2008 06:56 pm (UTC)
Good argument and I think you're right in setting the default to off. Alas, as everyone moves to a "logged in as much as possible" mindset, I think we'll only see more sites setting the "remember me" default to on.
May. 1st, 2008 07:13 pm (UTC)
100% agree. But other than Vox, I haven't run into that. More often for me, I'll see a "remember me", check it, and find that it doesn't actually remember me which is even more annoying the way I use it.
May. 1st, 2008 07:28 pm (UTC)
Yeah, Facebook was really bad at respecting the "Remember Me" option for a long time (it would never actually remember me). It recently seems to have gotten better, though.
(Deleted comment)
May. 2nd, 2008 04:03 am (UTC)
What I meant was, if I logged-in to a site like Vox previously and set the "Remember me" flag and cookie. When I come back again and the cookie is expired, and I need to login, the site could check Remember Me automatically because it sees I had the cookie previously set.

I thought it might be possible to access expired cookies, but that's not the case. Alternatively, another cookie from the same site could store my "Remember Me" preference for when I have to log in again. Kind of a waste of cookies really.
( 4 comments — Leave a comment )