|
Runbox Forum Everything related to Runbox should go here: suggestions, comments, complaints, questions, technical issues, etc. |
|
Thread Tools |
3 Apr 2005, 09:29 AM | #1 |
Member
Join Date: Mar 2004
Posts: 76
|
[Feature request]Ability to stay logged in for like a week.
Can we have the ability to stay logged in for a week or two. Yes i know about the runbox.com/mail for one hour. But that is not enough for me, I use runbox all the time on my home pc and i would like to not log in every hour just to see what new email came in.
|
3 Apr 2005, 09:53 AM | #2 |
Essential Contributor
Join Date: Dec 2004
Location: Wien, Østerrike
Posts: 375
|
Why do you use webmail and not IMAP4?
Well at least IMAP4 on port 143 should work. Your MUA should support re-connect and keep-alive. BR Herbert |
3 Apr 2005, 02:25 PM | #3 |
Member
Join Date: Mar 2004
Posts: 76
|
Because I do not want to use IMAP4 or any other protocal. I perfer to use the webmail interface.
|
3 Apr 2005, 09:41 PM | #4 |
Cornerstone of the Community
Join Date: Nov 2003
Location: Seattle
Posts: 594
|
That is not a feature request, it's a security hole. It would be irresponsible of Runbox to allow that.
|
4 Apr 2005, 07:42 AM | #5 |
Member
Join Date: Mar 2004
Posts: 76
|
No it is not, it is a security problem if runbox allow it by default. That's why i say if we can have the "ability" meaning option. As in how gmail and other sites would do it. It has two options, do not remember(public pc) or do remember(private pc) the password on this computer.
|
4 Apr 2005, 09:59 AM | #6 | |
Essential Contributor
Join Date: Oct 2003
Posts: 455
|
Quote:
For those of us who keep our PCs secure, who have BIOS passwords protecting login to the computer, who maintain physical security to access the PCs, etc, I would see nothing wrong with making the login persist for much longer. If someone ever stole such a PC, you could always just login and change your passwords . . . --Jason |
|
4 Apr 2005, 11:18 AM | #7 |
Intergalactic Postmaster
Join Date: Jan 2002
Location: Chicago, IL
Posts: 5,606
Representative of:
Runbox.com |
MikhailT,
What browser do you use? Regards, Rich |
4 Apr 2005, 11:41 AM | #8 | |
Cornerstone of the Community
Join Date: Nov 2003
Location: Seattle
Posts: 594
|
Quote:
I still disagree, keeping an open link is a hole. But if you must maintain an open link there's a Firefox plugin that you can set an automatic refresh rate, us it if you must. If you use IE you need to dump it and not look back. IE just has way to many security issues. Something about having a web browser that opens the door to infections by virus's and worms by just looking at a website is of grave concern. Dump IE and go with Firefox it's not 100% secure, but it's light years over IE |
|
5 Apr 2005, 12:02 AM | #9 | |
Member
Join Date: Mar 2004
Posts: 76
|
Quote:
|
|
5 Apr 2005, 12:30 AM | #10 | |
Essential Contributor
Join Date: Oct 2003
Posts: 455
|
Quote:
Hijacking, as far as I know, generally refers in this context to a hacker hijacking a website, spoofing it in order to foll users into entering their password info. Again, in this case the fac that Runbox users are constantly re-entering their passwords is more of a liability than an asset. I know hijacking can also refer to hijacking a TCP session, but again I don't see what a persistent login would ahve to do with this. There are tools for many browsers (including Maxthon which I use) for auto-refreshing the page, and I'll use those during the day sometimes to stay in Runbox. But it creates an (admittedly small) unnecessary bandwidth consumption which becomes larger when you multply it across the internet and apply it to people who set the refresh too frequently. I think of it the same way as littering -- anyone can justify it on the basis of how insignificant their cigarette butt is on the face of the Earth, just like one innocuous refresh when they aren't even sitting at the computer. But there are ~6 Billion of us now, and when everyone drops their garbage it clogs the whole system. If everyone is staying logged into their 5 favorite sites with auto-refresh tools and sets them to 5 minute intervals, poof, no more internet. Moreover, it only works while your system is turned on. Shut down and you have to login again. What GMail offers, and what this post is suggesting I believe, is that I can login once every couple of weeks, and every time I come back to Runbox with that PC I'm automatically back in. --Jason P.S. If I've misunderstood what you are concerned about re: sniffers and hijacking, please let me know. I don't mean to minimize any legitimate threats, but my understanding of those threats does not seem to make persistent logins an increased risk. |
|
5 Apr 2005, 01:05 AM | #11 |
Junior Member
Join Date: Jul 2004
Location: UK
Posts: 12
|
Hi all,
Just thought I'd throw an idea in here, from a web developer's point of view, and of course as a Runbox fan! Many of the websites that I write have tick boxes during the login process that allows a member to select whether the website stores a permanent cookie (say for 14 days) so that if the usual 'timeout' occurs, you've had already chosen whether your id and password were stored, therefore you could just press return at the login prompts as your details would have automatically been filled in. Of course, inside the website there would one other link that allows the user to 'dump' the cookies that're stored, in case they made the mistake of selecting a 'remember' option when they'd been using a shared-pc. To improve Runbox's current login procedure, a select-list could be offered (or a radio button) that offers :- 1. Remember Nothing 2. Remember Username Only. 3. Remember Username + Password. Inside Runbox, a simple option to 'remove cookies' would need to be made available. This is different to an auto-login of course, as the user still has to click 'Login'. All I'm saying with the above idea is that it could offer a single click to re-log-back-in. Hope that didnt sound too confusing! (sorry if it did). Geir (+ other RB developers) : Any comments on this? |
5 Apr 2005, 01:53 AM | #12 | |
Intergalactic Postmaster
Join Date: Jan 2002
Location: Chicago, IL
Posts: 5,606
Representative of:
Runbox.com |
Quote:
Regards, Rich |
|
5 Apr 2005, 02:10 AM | #13 |
Intergalactic Postmaster
Join Date: Jan 2002
Location: Chicago, IL
Posts: 5,606
Representative of:
Runbox.com |
Oh .. and if you want to do a direct login you can use a link like this:
http://www.runbox.com/LOGIN?credential_0=YOURUSERNAME&credential_1=YOURPASSWORD&destination=/mail Or this one for secure login: https://www.runbox.com/LOGIN?credential_0=YOURUSERNAME&credential_1=YOURPASSWORD&destination=/mail Regards, Rich |
5 Apr 2005, 02:35 AM | #14 |
Essential Contributor
Join Date: Dec 2004
Location: Wien, Østerrike
Posts: 375
|
Is there a direct link for training spam when you are not using webmail?
Maybe Runbox can add the folder id and message # to the header? https://secure.runbox.com/mail/list?folder_id=xxxxxxx&order=\ &direction=&offset=0&learn=spam&message=yyyyyy Or is there something planned for the future? |
5 Apr 2005, 02:51 AM | #15 | |
Essential Contributor
Join Date: Oct 2003
Posts: 455
|
Quote:
Persistent login means as long as your computer (and its cookie) are secure, your access is secure. But saving a link like that means any glance at your favorites or browser history can yield up your password, which for many people is also the password to other sites as well . . . --Jason |
|