[atlas]Question about security?
Robert Kisteleki robert at ripe.net
Fri Dec 17 15:00:45 CET 2010
On 2010.12.17. 12:38, Marco Davids (SIDN) wrote: > Hi, > > So how does security on the Atlas portal work? > > Reason for asking is that I changed the password from home yesterday, > but when i logged in from work this morning, i was not asked for the new > password. "logged in" or "kept on using the existing session"? I could see the later one but the former one would be a surprise. > Maybe some kind of sessionid cookie with a long expiry time? That'd be my answer; see above. > Is that safe enough? I guess it's a tradeoff between usability and security, as always. I don't know from the top of my head how long current sessions live, but I'm sure we could decrease the value until it becomes an annoyance :-) Cheers, Robert > Regards,