joey castilloI feel like every web site with a “Keep Me Logged In” checkbox should have a FAQ entry titled “Why Doesn't The ‘Keep Me Logged In’ Checkbox Keep Me Logged In,” and the answer should be “Because we hate you.”
Cassandrich@joeycastillo So much this. Every single site that has a checkbox like this fails to properly preserve login sessions, and it's like the box is just there to say 🖕🖕🖕
x0@dalias @joeycastillo Actually the FAQ entry should say your browser and/or its privacy settings hate us
@dalias @joeycastillo Some browsers make all cookies expire even the ones that aren't set to, some delete them randomly, some refuse to store them at all etc.
@x0 @joeycastillo Nope, that's not what's happening. I have plenty of login sessions that have been alive for 2+ years. I never wipe/expire cookies for sites I want persistent state on. These sites are breaking things themselves.
@dalias @joeycastillo Huh. Do their own cookies have an expiration? Weird. That's not how that's supposed to work.
@x0 @joeycastillo Either their own cookies have an expiration, or they reference a server-side object that has an expiration.
For example I know GitLab's "keep me logged in" actually only works up to an instance-configured maximum, which is something like 7 days by default. Infuriating when the whole reason you have the account is to interact with bug reports.
Thingiverse has one that doesn't even last a day though. 🤦
@dalias @joeycastillo And educational platforms don't even have the option, causing the login to not even persist beyond that one session. Which is severely annoying when I'm interacting with blackboard from home and always have to go through SSO.
@x0 @joeycastillo LOL, just now a banner:
"We introduced major improvements in our login system. If you are experiencing trouble signing in, please clear your Thingiverse cookies to start using the new system."
Wonder if it's still just as broken. 🤔 🤡