Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
This is probably more of a usability question but this seems like a good audience to poll.
Q: Should a users session always expire when browser is closed? why or why not?
If “it depends” please state some examples of when it should, and when it shouldn’t expire on browser close.
Yes, it should, as an open session enables others to intrude in your system. However, how do you want to detect if the browser is closed? Even with ajax, this is really unreliable.
So define proper timeouts depending on the type of application (ie. bank software 10 minutes, browser game 20 min etc).