Logging in causes logout on other devices

[DrLex0]

This might either be some attempt at adding security (which in practice mostly adds nuisance only), or just a straightforward bug. When a user logs in, sessions on other devices often become invalid even though they were done with the “Remember me” checkbox enabled. The user must then log in again on those other devices, which of course risks invalidating the login on the other device again. This makes the ‘Remember me’ checkbox rather useless for users who access Thingiverse from more than one machine.

This is not reliably reproducible, sometimes the other login will keep working, sometimes it will be invalidated after a few hours instead.

I know no other website that does this. There is no good excuse for this behavior. If you want to set a limit on the number of logins, then this limit should be at least 2, and not 1. But given the randomness of it occurrence, it looks more like a plain bug than an intentional feature of the login system.

[Lyl3S]

I tried duplicating the problem but couldn't. I was already logged in on my Linux PC via the Chrome web browser. I then logged in on my Android tablet via Chrome. That action did not log me out of my Linux PC. I doubt they fixed the problem that quickly, so maybe it was a temporary glitch. Otherwise there is something different about your environment/account and mine.

[DrLex0]

This has been reported many times in the past year and I seriously doubt they have fixed this in the meantime. Perhaps there is a way to work around it, but I just experienced this by logging into the website under Windows and then rebooting into Mac OS X, and I had to log in again there even though I had logged in very recently, so it wasn't the usual weekly expiry. I'm going to check it again.

[DrLex0]

I had to log in in Windows again, but now that I have rebooted back into OS X, I'm still logged in here. I don't know what's the logic behind it, but it seems the login does not always expire. Anyway, this one will remain low on the priority list…

[Lyl3S]

I'm not very familiar with Mac OS X, but I wouldn't expect a login session to survive a reboot on Windows or Linux platforms. If it did survive, I would consider that a security flaw. If I close my browser in Windows or Linux I have to log in again. That's the way it works for every web site that I've ever logged into.

[DrLex0]

It shouldn't matter whether it is OS X or Windows or Linux because this all happens inside browsers.

I expect a login to survive a reboot if the checkbox ‘Remember Me’ is enabled while logging in. It works like that on every other website I know which offers a choice between either login per browser session, or persistent login. At the least I would expect a warning that another existing persistent session will be invalidated. Now however we only have this semi-random automatic invalidation of the other login. I was logged out in Chrome under OS X again this morning, so last night's login in Windows did somehow invalidate this login but with some kind of delay. I have now tried it with Chrome in Linux at work, and again it did not immediately logout the OS X browser at home, but I guess within a few hours it will log out anyhow. I guess this is a true bug and not intentional, but in either case it is broken because there is no consistency in how it behaves.

[Lyl3S]

Ah, right you are about the "Remember Me" checkbox. It should remember you then. I forgot about that because it's been buggy/ineffective for years, no matter what web site, so I don't even pay attention to it any more and forgot that feature even exists on some web sites.