Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67066

"Keep me logged in" option on login page,

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: Future Dev
    • Fix Version/s: None
    • Component/s: Authentication

      Description

      This is split off from MDL-65812

      We should be looking to extend the session timeout, perhaps with a "Keep me logged in", or "Remember me" checkbox at login.

      This has been requested many times in duplicate trackers but it's often been confused with 'Remember me' which was interpreted as only the username when lots of people really meant the full session.

      We need an admin setting for how long you should be remembered for, eg 1 month or 3 months. This is a maximum session length and should be treated differently to a session timeout. There is quite a few touch points.

       From a security perspective long lived sessions are ok as long as you have the ability to re-authenticate when you need to do something for sensitive so I think this should be dependent on MDL-66172 (and why I didn't do it as part of MDL-65812)

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                brendanheywood Brendan Heywood
                Participants:
                Component watchers:
                Jake Dallimore, Jun Pataleta
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: