A bit irritating having to log in again and again.
the credentials are remembered by Google Chrome effectively, with which browser are you experiencing issues?
Regarding the time out, if you don't close the browser it should happen in an hour since your last activity
Used to logout after a couple of minutes of inactivity, I'll take once a day or so...
"Better than used to be" is not an excuse for design flaws, Clive.
Above the once-per-day autologout, logged-in-ness does not survive a browser restart, too.
I have an additional annoying problem with that the browser at one of my locations (where I did a few experiments with multiple accounts) does not remember the login/password to offer an auto-fill-in.
Yes but it does scope the problem somewhat. What periodicity is being complained about, and what is the expectation?
Also observed the issue with not remembering user/password on the browser, I suspect this is due to where the login is selected, and where the expected follow-through is going to take you, and that frequently being unique.
I'm expecting to stay logged in until I manually log out. "Remember me" during log-in has a tool tip that says:
..which is not what I'm used to. Of course chrome remembers my credentials, why would ST forum make the same feature?
So what it boils down to is that I want a feature called "Stay logged in"
By the way, If I'm logged in to my ST in the forums, I'm still prompted for login details if I, say, want to download some software from other parts of your website. So the login is not valid site-wide, which I would also expect.
I'm thinking FireFox, and it has to do with the URL. I have to type in the username/password often enough that it is annoying.
The my.st.com SSO protects access to many applications, including some for which we definitely can't allow an always-on login. Between convenience and security, I would go for the second one, especially considering that if you have your credentials saved in the browser, the login is just one click away
Okay then I have "always logged in" active on both private and corporate email, paypal and facebook. I just think it should be up to the user to choose to be as ignorant and naive as I am
The my.st.com SSO protects access to many applications, including some for which we definitely can't allow an always-on login.
I don't have numbers of course, but I guess the majority of forum users are here just for this, the forum, ie. they don't have and don't need access to applications which require short login timeout.
Can't that majority have a different treatment (infinite login)?
Or, on a similar note, can't the login machine remember time of last login, and discriminate between required resources, i.e.
if request = certain_resource (e.g. community.st.com)
then local_loggedin = loggedin AND (last_login + required_timeout_for_that_resource) > now
Between convenience and security, I would go for the second one, especially considering that if you have your credentials saved in the browser, the login is just one click away
Two clicks (one on the "Log In" and other to confirm the login/password). Annoying anyway.
Which as I said does not work for one of my locations. FF on both of them. At the location where FF does not fill in the login/password nor allow to choose from saved, I previously experimented with multiple logins (I have one which I normally don't use for web access but use for the mail notifications (directed into a spare mailbox not to mess up my standard mailbox with the hundred or so of messages generated by the STM32 forum per day), as the system prevents me from changing the mail address).
Same version of FF on the other location fills in the login/password with no hesitation regardless of the originating point from where the login was requested.
as a standard user of My.ST.com you have already access to other applications like Support (tickets), Samples ordering, three analog simulators and more.
As we can assign or revoke access to more applications for each user at anytime, we have to enforce a global policy for SSO.
Also, the automatic logoff is there to protect you in case you access the forum from a shared computer or you leave it unattended for some hours on your office desk.
That still does not exclude the possibility of having different login timeouts for the different applications/domains/resources. I understand it's not how it's implemented now - I am talking about suggestions without attempting to understand the technical background, e.g. in case the latter is to change in the future.
One of the very few joys of working in a garage-scale company is that you NEVER need to be concerned about leaving anything unattended... :-)
the timeout is enforced at a SSO level, so the applications get that as slave.
Unfortunately, not knowing who and where each user is, we have to assume the highest risk of compromisation (e.g. notebook left unattended in an airport while the owner grabs a sandwich)
But you still have to log in again at different parts of st.com, while you're logged in to the forum?
Once you have authenticated yourself of my.st.com you can access various services provided by ST (not just the ST Community) without having to login again, until the natural time expiration happens
Retrieving data ...