[email protected] wrote on 05/05/2009 04:39:17 AM: > For a web-based password-protected site with sensitive information, the user > usually is logged out after a period of inactivity. (In part, this is to > prevent others from seeing/changing the data on their screen, if the user is > on coffee break.) Ideally, the user would be warned before the time-out, > with an option to extend the time.
I've always been a little leery about extending the time-out. If the use of the website is primarily for not-so-critical applications like, say, my login on a knitting forum or something, then yeah, I don't mind a time-out warning. But for critical applications like banking, credit cards, or even social-networking apps where my reputation is on the line, it always bothered me. (And of course financial sites are where I most often see it implemented.) If I-the-scammer walk up to your computer while you're away and I get a prompt to extend the session and prevent time-out, I've now bought myself X minutes of free hack-your-stuff time while you're gone. Isn't the point of timing me out that I have to prove I'm the right user before I can regain access to the site? That being said, I usually see the warning in a pop-up window or modal layer. I prefer a layer because it doesn't disrupt whatever else the use is doing, which in the user's mind is probably more important or they would be paying more attention to the site in question. anne gibson ---------------------------------------------------------------------- CONFIDENTIALITY STATEMENT. The information contained in this e-mail message, including attachments, is the confidential information of, and/or is the property of, Vanguard. The information is intended for use solely by the individual or entity named in the message. If you are not an intended recipient or you received this in error, then any review, printing, copying, or distribution of any such information is prohibited, and please notify the sender immediately by reply e-mail and then delete this e-mail from your system. ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [email protected] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
