On Jan 5, 2010, at 3:49 PM, Devin A.Brown wrote:
Hi,
I work for a very well-known publishing / corporate site that
attracts a high number of C-level global visitors. Our Security IT
department has has asked us to change our login procedures to
auto-log out user after 30 minutes (like a bank) as opposed to never
auto-expiring a login authentication cookie.
Unlike other online publications, we require a free one-tine login to
view 95% of the article after a preview "snippet" And we have a
high number of repeat visitors to our web site.
1) As anyone experienced the removing auto authentication and its
result to usability on website?
2) Are there any studies out there that talk to the balance of cookie
authentication vs. logging in every time?
Devin
Devin,
It's about the experience you want your users to have. If you want
it to be smooth and happy - and for people to continue to return to
the site - keeping the cookie authentication is the way to go. When
people are logged out automatically, it takes more effort, which
presents an obstacle to doing something that is optional to them, and
they may not ever come back. This may be the desired outcome. That is,
it may be that your company wants to get more people to commit or go
away.
Dana
:: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: ::
Dana Chisnell
415.519.1148
dana AT usabilityworks DOT net
www.usabilityworks.net
http://usabilitytestinghowto.blogspot.com/
________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!
To post to this list ....... [email protected]
Unsubscribe ................ http://www.ixda.org/unsubscribe
List Guidelines ............ http://www.ixda.org/guidelines
List Help .................. http://www.ixda.org/help
