Remember Me Checkbox on login screen GH1051
Add "Remember Me" option so that my login persists until I deliberately logout. Or maybe increase the expiration timer to 24 hours or something like that. I just get tired of logging in 10 or 15 times a day. I'm not that concerned about the security risk--what's a hacker going to do...sign me up for a course?
When you log in there is a box now that you can check that says “Keep me logged in.” Checking this box will keep you logged in for 30 days if you are simply closing your browser rather than logging out.
Billie Bankston commented
Add a checkbox labeled "Remember Me" on your login screen, typically below the username and password fields.When the user checks the "Remember Me" box and successfully logs in, create a long-lived or persistent session token that is stored on the user's device (usually in a cookie or local storage). This token should be used to authenticate the user automatically on subsequent visits.While the request mentions a longer expiration timer, it's important to strike a balance between security and convenience. Expiration times of 24 hours or a few days are common choices.Even when "Remember Me" is checked, provide a logout option so that users can log out if they wish, regardless of the session's expiration time.While the request suggests a lower concern for security, it's essential to ensure that user data and accounts remain secure. Use proper encryption and authentication mechanisms to protect user information.Inform users about the implications of checking the "Remember Me" box, such as the extended session duration, and advise them to use this feature only on trusted devices.Thoroughly test the feature to ensure that it functions as intended and doesn't introduce security vulnerabilities.Consider gathering user feedback on this feature to determine if it meets their needs and expectations.
Brian Baker commented
Some people though may have access to other people personal information. If that's the case, its something to consider with allowing persistent logins.