Hello, I have been a member of the forums for a while, and have an interesting problem, i usually browse the site an hour or two a night. During that time I usually have to log back in 4 or 5 times. Is there a setting somewhere in the control panel that controls my login timeout or something? surely its not my cookies, because other sites do not have this problem, only my favorite, XDA!
Computer specs
Thinkpad SL410
Windows 7 X64
Google chrome browser
Not sure if thats needed but figured I'd throw it in there.
Hope to hear back, Thank!
It did this to me a few times tonight thought it was weird hasent done it now for a few hours!
the website uses a cookie expiration function that manages active logins so that it removes your cookie after a certain amount of time of inactivity. that kind of function is set on the SERVER side, so it's got nothing to do with your computer.
it's pretty standard practice in the webdev world -- although i will admit that it does seem a little short at times. could be worth sending an email to the admin requesting he/she extend the cookie max time.
truthfully it sorta bugs me too. i like being able to leave it for a few hours and come back and not have to log back in. but thankfully the login form is pretty quick to use.
the point of the function is two-fold: (1) it increases security so that the likelihood of someone could gain unauthorized access to your account on your computer if you use a shared computer or if you don't lock your screen and (2) it also frees up server resources so that they can minimize bandwidth usage.
hope that helps explain it
If you wish to remain always logged in, tick the "Remember me" option when logging in. This will PERMANENTLY remember you, unless you choose to log out.
Don't do this on a public PC.
This stores a hash of your password, which authenticates you with the server.
vBulletin has a default session length of 15 minutes. I can't remember if XDA uses something different. If it's too short, let us know here and I'll pass it on, but it's not something many people have mentioned since we moved to vBulletin many many years ago...
Thank you for all of your responses, seems a lot of thought has gone into this, its not that big of a deal for me, just a minor inconvenience i can deal with. Thanks again!
Related
I receive, on a fairly frequent basis, the same text message from a coworker of mine. They ask for a particular password (because they can never remember it) and I give it to them. It can, at times, be a little annoying, but it did get me thinking...
Is there a program that'll auto reply to text messages conforming to a certain pattern and from a certain party? Is there a program that'll make it so any text from Bob saying "whats the pw" will automatically be replied to with the password?
I searched and found a whole bunch of stuff, but don't think they're exactly what you're looking for. Perhaps someone else personally knows of a particular application that is suitable.
But anyway, I just want to say that you need to file a complaint against that co-worker!
-Sharing passwords should be against your company policy.
- Releasing passwords via an unsecure medium (ie, SMS) should also be against policy.
- Also, if you've sent him the password via SMS before, he should be smart enough to just look through his SMS history for it.
By the way, it's not worth installing an application just because of 1 person's memory problem. You should grab his mobile and save the password as a note on his device. Super cheap dumbphones have notes applications these days...
ohyeahar said:
I searched and found a whole bunch of stuff, but don't think they're exactly what you're looking for. Perhaps someone else personally knows of a particular application that is suitable.
But anyway, I just want to say that you need to file a complaint against that co-worker!
-Sharing passwords should be against your company policy.
- Releasing passwords via an unsecure medium (ie, SMS) should also be against policy.
- Also, if you've sent him the password via SMS before, he should be smart enough to just look through his SMS history for it.
By the way, it's not worth installing an application just because of 1 person's memory problem. You should grab his mobile and save the password as a note on his device. Super cheap dumbphones have notes applications these days...
Click to expand...
Click to collapse
It's a screen saver password for a demo computer. There's only one account on the computer - 'demo'. The fact that it even has a password is fairly ridiculous, imho - it sits in storage until an employee takes it out and prospective customers aren't left alone with it. But alas, I don't have much say in the matter.
I am using Exchange server for work email and use LockPicker to get by the constant entering of a security code to un-lock the phone. Not sure I should load 2.2 because the developer has informed me that LockPicker will not work with 2.2. If anybody is running 2.2 and Exchange server, does 2.2 offer an option of the screen time out vs. the exchange lockout????
Im running exchange and have to enter the code if the phone sleeps for more than 15 minutes. The time is adjustable, plus the code entry keyboard is huge not a problem to enter at all, overall its a minor pain but workable. The guys that developed lockpicker have an app out that disables this, it is only in the beta stage now and not released to the general public but should be soon.
if found that any of my end users were attempting to disable/bypass the Exchange security...i would haul their ass to HR faster than they could enter their PIN.
DraginMagik said:
if found that any of my end users were attempting to disable/bypass the Exchange security...i would haul their ass to HR faster than they could enter their PIN.
Click to expand...
Click to collapse
He He, I'm thinking if I were an IT guy i'd do that too. Lucky for me I'm an end user, I'm hoping somebody comes up with a way to just toggle the time to a longer value say options for 30 - 60 minutes. In reality the new code entry screen is a breeze to use, not such a big deal as before. I'm just wondering if the time delayed is specified by the Exchange server or if it is built into the phone app.
ifly4vamerica said:
I'm hoping somebody comes up with a way to just toggle the time to a longer value say options for 30 - 60 minutes.
Click to expand...
Click to collapse
/shudders at the thought.
I haven't played with it yet, but pray there is no way for my end users to set a 60min lockout period. that's just waaaaaay too long. how long do you have before your work desktop auto-locks? 15min? and that is for a device that doesn't move and if anyone else is at it would draw attention.
perhaps you feel that you are not important on the food chain and have nothing important in your email. but as these type devices get more powerful folks keep more data on them... pictures, movies, xls, doc, mp3 etc. plus tons of email (with email addresses, names and numbers), some folks will setup the VPN function and map network folders or setup VNC/RDC connections (server names, ip addresses and domain name).
it's not "JUST" that someone may see who you're going to lunch with or that your racquetball game got rescheduled. its all that other crap that concerns us. stuff that you may or may not have. for things that you probably don't see as being a possible security breach. sorry if this has an overbearing tone, it's one of those things i have to beat into folks head everyday.
"i don't care if they know my password, maybe they'll do my work." /facepalm
no...they won't.
ask your favorite IT nerd how many pwd's he has floating in his head and how many times he has to unlock his computer each day.
/steps down from security soapbox
DraginMagik said:
/shudders at the thought.
I haven't played with it yet, but pray there is no way for my end users to set a 60min lockout period. that's just waaaaaay too long. how long do you have before your work desktop auto-locks? 15min? and that is for a device that doesn't move and if anyone else is at it would draw attention.
perhaps you feel that you are not important on the food chain and have nothing important in your email. but as these type devices get more powerful folks keep more data on them... pictures, movies, xls, doc, mp3 etc. plus tons of email (with email addresses, names and numbers), some folks will setup the VPN function and map network folders or setup VNC/RDC connections (server names, ip addresses and domain name).
it's not "JUST" that someone may see who you're going to lunch with or that your racquetball game got rescheduled. its all that other crap that concerns us. stuff that you may or may not have. for things that you probably don't see as being a possible security breach. sorry if this has an overbearing tone, it's one of those things i have to beat into folks head everyday.
"i don't care if they know my password, maybe they'll do my work." /facepalm
no...they won't.
ask your favorite IT nerd how many pwd's he has floating in his head and how many times he has to unlock his computer each day.
/steps down from security soapbox
Click to expand...
Click to collapse
I here ya!!! can we comprimise at 55 mins???? Ok 30 mins?? ;-P How did you know my R-Ball game was rescheduled????????????
/retires from badgering the IT guy!
LOL ... if only we lived in a perfect world.
Solution here: http://forum.xda-developers.com/showthread.php?t=745065
I've spent a fair chunk of time looking for a resolution to this problem here and all over the web but have failed. So, here goes...
When someone sends out a (Outlook) meeting cancellation request, it comes via email but there are no options presented that would allow removal of the meeting from my calendar. On the contrary, when I get a new meeting request, I am able to respond with an accept, decline, etc. Am I missing something?
you're not missing anything... same happens to me on my WP7 phone as well as my Android device. my workaround is to find the meeting on my calendar and manually delete it.
Wow, that sounds ridiculous! I am coming from a Win Mobile 6 device and do not recall ever having such an issue... Lets hope the next update takes care of this
Deleting Attendee(s) / Adding ad-hoc email address
Also, under WM6.x I was able to remove an attendee from a calendar entry. I cannot see any function for this. Highly annoying because if I accidentally pick the wrong contact then I have to start the meeting creation over again. Breaking the meeting creation process into two parts (meeting, then attendee association) is a partial solution but still inefficient. Especially if you are adding a lot of attendees and goof up the last one.
Oh, and not being able to add an ad-hoc email address in the attendee section is irritating. Having to create the address in your contacts/people hub first is annoying and I might not want them in there permanently.
Scratch that last moan about not being able to delete an attendee - it's hidden behind the WP7 "press and hold' trick.
I'm asking this because after the Sony/SOE hacking (which I am somewhat affected by), it's got me thinking.
There are some online services that I've been trying to remove myself form (since before that happened), and companies make it virtually impossible in some cases to get themselves removed from these services.
The biggest example is Facebook. It's literally impossible to remove yourself from facebook. It gives you no decent way to see a list of Pages you have "Liked" and there is no way to remove all of your posts from the site.
Twitter makes this easy... Foursquare makes this easy. Loopt makes this easy...
But it seems companies that are big into Advertising make it as hard as possible for you to decouple yourself form them.
Slacker and Pandora have no such option to remove yourself from those sites after you create your account (and it's impossible to purge your personal information from them unless yo go through hoops and bounds to do so). Contrarily, Last.FM makes it as easy as a button click and some confirmations.
Yahoo! and Google make it easy to delete accounts, but Windows Live basically leaves the account sitting there for something like 4-6 months before it's deleted...
Provided there are decent confirmations, I think any online services should allow any user who willingly signed up for it to willingly walk away from it, and take their personal data and information with them. It seems like a huge power grab by the industry to lock users into them and own our information...
I've already written my Congressman and Senator following an issue with AOL where it took literally weeks of constant phones calls for them to delete my old accounts that I haven't used in forever. Finally they agreed to "waive" the "we don't delete accounts" rule because I was in the military for years following the account creation and they had it on record since I canceled my AOL service that I was doing so because I was being deployed back then...
What do people think. Do you think it's cool that companies expect to own our information after we sign up for their services and make it extremely difficult if not outright impossible to decouple ourselves from them?
Or do you want to be denied a job (or admissions into a university) because you posted something tasteless or inflamatory on facebook one night? (yes, universitiy admissions are starting to check social networks)?
For the past 3 months or so I've been trying to close down all these unneeded services that I have subscribed to in the past, and have been met with several brick walls.
It's even impossible to delete accounts on forums these days, which is uber laughable as well...
I'm thinking about quitting facebook, but getting all my stuff off of there is looking like an impossible task...
EDIT: Pandora finally got around to deleting my account... But I did send them like 5 emails today before they got around to it at 10:50 PM (first contacted them like 2 months ago).
I agree with you that all services you willingly sign up for should be as easy to leave as they were to join, it makes sense.
I'm on Facebook, several tech forums, I use several cloud based services (mail etc.) and I try not to post too many things that would make me look bad.
Facebook has by far been the most problematic to get off, you can deactivate your account but not really remove it.
/J
that's a funny question. It's not ha ha funny but it's funny to jump through those hoops. As far as information shared, on social networking, I know its vitally important to keep professionalism especially in clinical psychology. Personally, if my posts aren't related to tech or anime, I don't post it on social networking. I call a person, I write an angry email or something, but rarely do I kvetch on a social networking platform. Because it's a bad idea...
I mean I have opened a second fb account and surprisingly my first FB is still open. It doesn't bother me because it is "dead" for all intents and purposes. Honestly I just really don't mind it personally, but again that's just me. I'm not the type to post inflammatory material. I guess its different strokes.
However, I do agree, it should be easy to delete your own account. But I have to correct you on yahoo specifically. You can recover the account if its deleted. It's rather easy and I've done it multiple times. I think after a year (for yahoo specifically) then its gone. But otherwise, nope it's still there.
Yahoo! gave me an instant way to delete my account hte last time I did it. It was instant, with no recovery. I checked immediately afterwards when I did it and there was no way to recover the account. Perhaps that is a new development.
Both Yahoo! and Google allow you instant account deletion (or did, IRT the former). Microsoft keeps the accounts for something like 120 days (used to be 45, then 60, etc.) and AOL seemingly keeps them forever because the account I had to go through the run-around to delete hadn't been used for years (almost a decade), but had a ton of personal information on it that I couldn't change because I didn't remember an old secret answer so I couldn't even log in to get it off there (I used to have AOL internet access).
I went back and deleted almost all of my posts on Facebook. It took over 6 hours because you have to personally track down every comment you've made on the site (including those on walls of people no longer on your friend's list). This is intentionally convoluded compared to Twitter, where all of your tweets and retweets are there in a list and it took like 5 minutes to delete them...
As much as I despise Facebook's practice of making accounts hard to delete I've been wondering for a while if it is a result of a fragile database structure they are using. N8ter 's description of having to manually remove comments all over the place makes me wonder if Facebook's database structure has some sort of vulnerability to having data scattered in so many places removed.
Granted, it's prolly more likely they make it difficult because they can.
What do you mean, "you people"?
Nice one
Suppose I.walked right into that
Sent from my SGH-T959 using XDA App
So... let me get this straight,
You signed on to privately owned websites, handed over private information/made incriminating posts (in any capacity)... and now you're complaining about it?
In boardroom meetings in those companies, people like you are punchlines.
Nothing on the internet is private. Let me repeat that; nothing on the internet is private.
Learn it, know it, love it.
I think your missing the point.
Facebook makes it almost impossible for people to leave after they've used the service a lot. You have to track down every comment and wall post and delete them one by one, among other things before they will delete your account.
Blacker flat out refuses to delete accounts even after several emails. They don't consider email private information... ... ...
Other services just make it impossible. Google voice makes it impossible ti remove the service or your phone number. Aol generally flat out refuses to delete accounts. Windows live wants your info to stay there for six months.
Its not about it not being private, its about me not having a choice in whether or not my personal info sits on their server.
Having a ton of extra accounts increases spam email, among other things...
Hope that cleared up my stance a bit...
Sent from my SGH-T959 using XDA App
N8ter said:
The biggest example is Facebook. It's literally impossible to remove yourself from facebook. It gives you no decent way to see a list of Pages you have "Liked"
Click to expand...
Click to collapse
I thought you could see those pages in "Download Your Information"
http://www.facebook.com/help/?page=18830
N8ter said:
I think your missing the point.
Facebook makes it almost impossible for people to leave after they've used the service a lot. You have to track down every comment and wall post and delete them one by one, among other things before they will delete your account.
Blacker flat out refuses to delete accounts even after several emails. They don't consider email private information... ... ...
Other services just make it impossible. Google voice makes it impossible ti remove the service or your phone number. Aol generally flat out refuses to delete accounts. Windows live wants your info to stay there for six months.
Its not about it not being private, its about me not having a choice in whether or not my personal info sits on their server.
Having a ton of extra accounts increases spam email, among other things...
Hope that cleared up my stance a bit...
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
honestly, I know what you mean. Its very annoying and frustrating. But just take it all as a lesson that these are all private companies. Neither you or I have any right to an expectation of privacy. Its a hard truth to face. My Facebook profile is as dry as a bone. I never post or submit any info I wouldn't be comfortable with the whole world knowing.
Until there is a government-run social networking platform, just understand that.
Tone_ said:
I thought you could see those pages in "Download Your Information"
http://www.facebook.com/help/?page=18830
Click to expand...
Click to collapse
No. That's only to download your pictures, videos, and stuff like that if you want a hard copy or to put it on another social network/profile.
For example, if you want to put all your facebook stuff on your Windows Live Profile, but they don't exist on your computer/smartphone anymore...
Also, that won't remove the ridiculous amount of manual labor involved in tracking down every comment/wall post and deleting them one by one...
All that information is trivially seen by clicking on "Profile" at the Facebook homepage. It shows all your activity. But you should be able to remove it by clicking on the X. Right now, you have to go to every page, track that comment down (sometimes in a sea of 1k+ comments), and manually delete it. Some of those comment feeds are so damn large, that they can crash some users' browsers or slow them to a crawl.
This might be quite ranty, but I just want to talk about a problem with the service LineageOS offers in order to actually contribute to the project.
Why am I doing it on XDA? Honestly I looked for a long time on the official website for a forum, and I couldn't find anything, so, here I am.
I wanted to fix a small inaccuracy I've seen in the wiki page of a device I just installed LineageOS to, so I read their wiki page on how to do exactly that. I made my change, and when I wanted to actually commit my changes, I saw the instructions said to create a Gerrit account.
'Sure thing', I thought as I happily went to the site, and I clicked on the 'Sign in' button. To my surprise, I reached a Google login page. I thought I pressed something wrong, so I went back, wanting to just create an account using an ordinary e-mail address, for multiple reasons, privacy and staying away from Google as much as possible being the largest one.
When I realised that this was the only option, I eventually caved in since I already took the time to make my change, and I figured I might as well just upload it. I logged in and, to my surprise, I saw I had a profile picture I set when I was around 13. Weirded out, I clicked on 'Change Picture', only to see I was getting redirected to none other than Gravatar. Ugh.
I went through the trouble of getting my Gravatar account back since I used an old e-mail address (actually just hijacking my old account to delete it and then creating a new one). Needless to say, it didn't work at all, and I still had my Minecraft profile picture from fifth grade on Gerrit.
Giving up temporarily, I scrolled more through the Gerrit account details, and I reached a section about e-mail addresses linked to the account. I added the e-mail address I actually wanted to use to the account, and, surprisingly, it allowed me to set that one as the main address, but even more surprisingly, it allowed me to remove the GMail address from the account. So, without thinking twice, I did that. Everything seemed well, even my profile picture updated to the normal one. I then continued to add more details to the account, like my username, and just as I was about to generate myself a new SSH keypair to get started and finally end this, for some reason, the page refreshed and it kicked me out of the account. Then, I tried logging in, shortly after realising my edits were on an inaccessible account due to the need to log in only through Google and the fact that I removed the GMail address. So, now, I technically have two broken accounts: one that can't update its profile picture and with a bad username (the one on the Google account), and one inaccessible one due to how signing in is handled that's hogging onto the username I want to use (the one with the e-mail I wanted to use).
So, in conclusion, LineageOS Gerrit, for some reason, forces Google account log in and also forces the use of Gravatar. Really now? I understand offering Google account log in as an option, but not as the sole way of creating an account. I couldn't care less about the profile pic if I didn't have an old one I couldn't replace.
Why don't you make it easy for people to contribute and just offer classic, normal, e-mail sign in, like any other service?
This is the 21st century.
The point is to make the trivial as tedious as possible!
There are times that I have some change to offer but I don't feel like git-ing the whole project.
So I don't.
There have been times that I have found an error in closed source, told the OEM which file, which line, which character.
Nope. Nobody interested.
Feels wierd, when LineageOS is supposed be “private” and about “privacy”. While I personally do not care how to log in, it feels like this is kind of against what they are trying to get.
Andy3153 said:
Why don't you make it easy for people to contribute and just offer classic, normal, e-mail sign in, like any other service?
Click to expand...
Click to collapse
+1 I was equally annoyed about it, many times:
https://wiki.lineageos.org/contributing_wiki
Your story is pure horror This is just despicable and entirely disregards the wiki concept.
Renate said:
There are times that I have some change to offer but I don't feel like git-ing the whole project.
Click to expand...
Click to collapse
Nah, I don't even mind having to `git clone` the entire wiki. As long as you provide me a method to contribute with instructions, I'll follow it happily.
But, I understand your point. Maybe it'd be better to have an approach similar to the Arch Wiki, for example. Just an account creation on the wiki website, a discussion page where you can actually discuss a change before making it (I don't know why, but making a pull request for something seems way too final for me, sometimes I'd like discussing a change before making it instead of having that discussion in a Git pull request or issue) and a simple `Edit` button.
Arealhooman said:
Feels wierd, when LineageOS is supposed be “private” and about “privacy”. While I personally do not care how to log in, it feels like this is kind of against what they are trying to get.
Click to expand...
Click to collapse
Yeah, it seemed weird to me too when LOS looks like it at least tries to be privacy-centric, but then only offers Google log in to contributors