3 Oct
2007
3 Oct
'07
12:20 p.m.
tardo wrote:
Does anyone know the reason why this was implemented? If so, any objections to completely removing it?
Security. If you log in somewhere from a public(ish) terminal, then that terminal is trusted as you forever. Also, you end up with an enormous number of sessions to track. I think making it very long (say, 24 hours) rather than completely removing it is better. - P