2023-04-25, 21:21
ok, I'm going to try. Thank you
(2023-04-25, 22:29)quietvoid Wrote: Am I the only one having issues with the forums remembering that I was logged in?No, you are not the only one. I was logged out 20+ times yesterday, and 4 times already this morning. Although one of those times this morning was intentional to implement a minor fix.
It seems to disconnect me once every day, since the forum came back up.
(2023-04-26, 01:41)amasephy Wrote: For starters I had the session logout issue as mentioned above. I was logged in yesterday just fine and did not logout. Using iOS 16.4 with safari.
(2023-04-25, 23:09)Karellen Wrote:(2023-04-25, 22:29)quietvoid Wrote: Am I the only one having issues with the forums remembering that I was logged in?No, you are not the only one. I was logged out 20+ times yesterday, and 4 times already this morning. Although one of those times this morning was intentional to implement a minor fix.
It seems to disconnect me once every day, since the forum came back up.
It does not affect everyone, and we are looking for the cause. I am using Firefox on Win10.
(2023-04-26, 04:28)Klojum Wrote: We've had to reset the login status again in the meantime due to an unforeseen bug in the original forum software.I was thinking that (like button) have bug.
So we're still busy smoothing out the server and websites bumps using new software versions/upgrades.
(2023-04-26, 07:00)jepsizofye Wrote: this is likely caused because they are being set with expiration as session instead of a dateThe login cookie should only be a session cookie if you have NOT ticked the "remember me" checkbox during login. But that is not the cause for the random logouts during an active session. MyBB security guidelines suggest to send a special HTTP header to browsers to clear all website data (cookies etc) after a security issue, and this header seems to be sent not just once for some users. The respective cookie that checks if the header was sent has a lifetime of one year, so it should not kick in again
recommend to set the cookies with an expiration date 2 weeks from login date
(2023-04-25, 17:06)jepsizofye Wrote: i would request the maximum password length of 30 characters be raised if possibleWhy do you need more? Passwords are salted, hashed (with a state of the art alog and not just MyBBs default md5) and encrypted - I think it should be secure enough now
(2023-04-26, 10:46)da-anda Wrote:(2023-04-25, 17:06)jepsizofye Wrote: i would request the maximum password length of 30 characters be raised if possibleWhy do you need more? Passwords are salted, hashed (with a state of the art alog and not just MyBBs default md5) and encrypted - I think it should be secure enough now
And given that a complex 17 char password already takes 48bn years to decrypt, I think we are good with 30. But if you have a good argument to go even higher, please explain. Thanks.
See https://www.reddit.com/r/dataisbeautiful..._for_2023/