Remember me or not?

Posted by taeja87 on Pro Webmasters See other posts from Pro Webmasters or by taeja87
Published on 2012-07-08T20:16:27Z Indexed on 2012/07/08 21:23 UTC
Read the original article Hit count: 229

Filed under:
|
|

I was told to post this on webmasters instead of stackoverflow.

Is it safe to have the remember me feature? Would it be somewhat safe (knowing it won't be 100% safe) to allow users to close their browser and come back still logged in? I am not exacting sure which way I should go after reading different things about safety. I learned about session fixation and implemented security to add more protection.

From experience, if remember me is checked then only your username/email appears and requires you to re-enter your password. Other sites allow you to come in and out as much as you way without logging out after the browser has closed.

If it is safe, what is the current best way of implementing remember/stay logged in?

Also: The site I am working on is email & password login type.

© Pro Webmasters or respective owner

Related posts about php

Related posts about cookie