sign in
I much preferred being able to view messages without having to sign in each and every time
Forum Discussion
I think most of us are aware of, and use password managers and device security. But that affects our access point (phone, laptop, tablet, etc.) from outside users accessing it. I don't understand how using these tools protects the security of this G.S. forum.
G.S. states the timeout limit is for their "security". What security is that? It doesn't appear their sign on security differs from before. Userid and password get you on. No TFA or equivalent.
The password requirements are more complex and there's no "Remember Me" to keep the session alive for days/months like on RV.NET.
And yes, it could be more secure through MFA, but do we really want to do that?
At least the session time-outs give us more protection against someone getting into one of our accounts with elevated permissions and deleting a bunch of posts or banning a bunch of accounts. It's not perfect, but it's more secure than the old site was.
As much as a PIA 2FA/MFA are, I absolutely want them on my financial apps. But for this forum (and other RV type forums): absolutely not.
Still, these things help identify us and ensure to G.S. that we are who we say we are. It does nothing to make the forum more secure. If I was worried about someone hijacking my session, either through my keyboard or intercepting my HTTPS connection, I would definitely logoff after every visit.
I just don't understand how a timeout makes the G.S. forum more secure.
