Max Semenik wrote: > I propose to raise the default ($wgCookieExpiration) at least to 90 > days from current 30.
What's the reason for having the cookie expire at all (or expire in any reasonable timeframe)? I'm not sure I see what security benefits any expiry provides (much less a 30-day one) given the rampant use of password stores in browsers. Another option would be to add a user preference for cookie expiry, but suggesting the addition of new user preferences usually activates the Aryeh rage machine. :-) MZMcBride _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
