Logon details not retained
#1
Posted 01 July 2009 - 05:28 PM
#2
Posted 01 July 2009 - 06:26 PM
#3
Posted 01 July 2009 - 06:32 PM
Everyone has to log in every time. It was changed for security purposes.
Not true.
I just came on the website and my computer remembers my logon info without having to enter it every time. However, I have noticed that if I happen to logon from another computer, my home computer will not automatically remember the logon info, and makes me initiate it with the user name, and then it completes the form for me. Could this be your situation too, Peter?
#4
Posted 01 July 2009 - 06:55 PM
Everyone has to log in every time. It was changed for security purposes.
Not true.
I just came on the website and my computer remembers my logon info without having to enter it every time. However, I have noticed that if I happen to logon from another computer, my home computer will not automatically remember the logon info, and makes me initiate it with the user name, and then it completes the form for me. Could this be your situation too, Peter?
Hmmm!.....Well that was the story I got from Shadragon when it first started happening. Maybe something has been fixed, sortof?
Oh Simon Sweetie?????
#5
Posted 01 July 2009 - 06:59 PM
#6
Posted 01 July 2009 - 07:15 PM
#7
Posted 01 July 2009 - 07:29 PM
Peter, the issue with your VPN is probably the result of the VPN server assigning IP addresses dynamically each time you connect to it. This gets you a different IP address each time, and of course you have to login again each time. You might contact the server administrator to see if they can assign you a static IP, or else use some sort of VPN NAT protocol to keep the address from changing each time (or at least appearing to change).
-JimG
#8
Posted 01 July 2009 - 07:40 PM
Rick
The names have been changed to protect the innocent, but the crimes remain the same.
-- Narrator, Dragnet
#9
Posted 01 July 2009 - 09:06 PM
Sometimes I have to; sometimes I don't. It seems to be a random thing. Sometimes I have to long in again, even if I've been on the server all along. Other times, it will retain my logon info for the next day.
Rick
The names have been changed to protect the innocent, but the crimes remain the same.
-- Narrator, Dragnet
It is tied to how often the IP addy changes. Sometimes I can go all day without having to log in and other times because I keep multiple windows open, I have to log in several times a day!
Contact me directly at Kamala@SingleDivers.com for your private or group travel needs or 864-557-6079 AND don't miss SD's 2018-2021 Trips! ....here! Most are once in a lifetime opportunities...don't miss the chance to go!!
SD LEGACY/OLD/MANUAL Forms & Documents.... here !
Click here TO PAY for Merchandise, Membership, or Travel
"Imitation is the sincerest flattery." - Gandhi
"Imitation is proof that originality is rare." - ScubaHawk
SingleDivers.com...often imitated...never duplicated!
Kamala Shadduck c/o SingleDivers.com LLC
2234 North Federal Hwy, #1010 Boca Raton, FL 33431
formerly...
710 Dive Buddy Lane; Salem, SC 29676
864-557-6079 tel/celfone/office or tollfree fax 888-480-0906
#10
Posted 02 July 2009 - 12:43 AM
#11
Posted 02 July 2009 - 05:33 AM
The site administrators believe that there is a risk, which is why the measure is in place. With respect to these "other sites" that you are talking about, are they "pay" sites? It's not uncommon for those types of sites to be a little more stringent with their security measures. For example, my bank's website has a similar security feature that is based on IP address. So maybe instead of asking "why does SD do this?", you should consider it from the standpoint of "why don't the other sites do this?".Is there really a security risk that this addresses? This is the only site I find this with, and I log onto over ten each day.
There is always going to be a trade-off with security vs convenience. It's a lot more convenient for me not to have to lock my car or house up every time I leave, but that's what I have to do to keep my belongings secure. IP addresses are incredibly easy to spoof, and from a security standpoint, I don't think it's a bad idea to require users to re-submit their credentials if the IP changes. It's the equivalent of saying "you're calling from a phone number that we don't recognize, can you please verify your identity" (another thing my bank does on telephone transactions).
As usual, the issue is not really the legitimate. or "honest" users, but the "script kiddies" who use automated attacks to try and hack into sites. I have managed a couple of BB sites myself, and believe me, you have no idea of the headaches. I spent way too much of my time deleting bogus users who were created for no other reason than to advertise (for example) porn sites, and it can be a lot of work to keep things free from that type of traffic. And every time there was a security update to the site software, somebody would find another hole to exploit. So yes, it is a bit of a hassle to have to ask users to login again, but I don't personally see it is an unreasonable measure. It definitely makes things easier from the standpoint of keeping unwanted users out of the site.
As I mentioned above, there are a couple of technology solutions to the problem (static IP and/or some type of NAT protocol). I use both of these on my home network, and have very few issues with being asked to login again (basically it only happens when I travel). You can also try using a browser that has a password manager, to automatically generate login info for you. You might try one of those options and see if it works for you.
-JimG
#12
Posted 02 July 2009 - 06:07 AM
Short answer is yes... This stops someone from IP spoofing. It is a method for flooding a web site with posts for university diplomas, 'enhancement' ads and the usual crap we see every day. You may have heard of several other boards being inundated with thousands of these kinds of posts. They use bots to automatically register multiple accounts on your site then post the ads from hundreds of hijacked machines around the world. So many, that board servers have crashed as a result.Is there really a security risk that this addresses? This is the only site I find this with, and I log onto over ten each day.
The IP of your PC and your sign on credentials are hashed together into a unique ID (That is all the detail I am giving). If your IP address changes then you have to sign on again. If you are at work, then go home you need to sign back in. If you are on your PC and go to your laptop, same thing. The sign on can last several days under the right conditions.
You will notice that we have not had the flooding issue where other IP Boards have. This is thanks to Stan and his unannounced work in the background. It is inconvienient, but unfortunatley necessary. I sign in from five PC's and even my Blackberry on occasion and it is a P.I.A. at times, but at least I am not spending hours deleting Viagra ads.
WooHoo. Punkie called me "sweetie". Am slowly wearing her down...
Tech Support - The hard we do right away; the impossible takes us a little longer...
"I like ponies on no-stop diving. They convert "ARGH!! I'M GOING TO DIE" into a mere annoyance." ~Nigel Hewitt
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users