Dan Price wrote: > If I have to log in once per 24 hour period (yes, my work day spreads > over longer than 8 hours) then I can live with it. I won't like it > but I will deal. A couple of days would be nicer. 1 hour was a deal > breaker.
Yes, I've taken on board that 1 hour was too draconian. > I think what others are reacting to is that we're trying to invite > people in to participate, and login must not be too much of a barrier. > Think of it like taking a flight and having to deal with airport > security. It might be necessary but it doesn't make you feel loved. Agreed, there's a balance to be struck between security and making people feeling loved. However I have a sneaking suspicion that the same people who are so vocal now would be equally as vocal if the site was overwhelmed with forum spam, or there was large-scale defacement of site content. > I think for me the single biggest irritation with auth in other web > sites comes when I get logged out in the middle of a transaction-- like > a wiki commit, or making a purchase. In other words, I click 'edit', > start writing something, leave for the weekend, come in Monday, and then > suddenly I can't commit the page because I've been timed out. I'm left > to log in, then hit the 'back' button to hopefully get back to my > changes, etc. The best websites are smart enough to authenticate you > and then bring you back to what you were doing. Hopefully we will do > the same. I think that's a very good point, and in fact one that I've already been thinking about. -- Alan Burlison -- _______________________________________________ website-discuss mailing list [email protected]
