Why does remember me tend to work so universally poorly? WordPress for example, is a particularly irritating case, logging me out seemingly at random. Some sites manage to get it right, facebook almost never logs me out. Is there some subtle issue with cookie management that most sites manage to get wrong?

Coupled with this, what’s the basis for remember me only lasting a few weeks? Is this a legitimate security feature? I don’t really see the basis for it. If I check remember me, I want the site to remember me until I am old and grey (or at least until 2038).

Responses

  1. Michael Toomim says:

    November 19th, 2008 at 2:57 am (#)

    some of them are implemented with cookies that expire when your browser quits

  2. Michael Toomim says:

    November 18th, 2008 at 6:57 pm (#)

    some of them are implemented with cookies that expire when your browser quits

Leave a Response