question about applevis and staying logged in
Hi all, I know that posting this in the general chat section is really not a good fit, I am sure that the forum topic list used to have an option called site feedback and suggestions specifically for applevis website related stuff, but it seems to have vanished at least for me, I think it should be brought back as posting this in general chat isn't really a good fit.
Anyway I have a bit of a question slash suggestion relating to logging into the applevis website, I have noticed that once I log in every few days maybe after a week or so I don't know exactly how long but I am forced to keep logging back into the site just to post something new etc.
Is there any way the applevis site could be adjusted so that logins remain active indefinitely and don't expire unless someone chooses to log out. I assume this is maybe something to do with the way applevis creates cookies I don't know, but I am sure it should be possible to adjust the site settings to make logins indefinite, I am on several sites which keep me logged in indefinitely, and I haven't had to change my settings at all for them to make this happen, and I haven't stored my password or done stuff to auto fill settings either, its down to specific site behaviour that keeps these logins active. In fact applevis is the only site where this seems to be an issue, so I am sure applevis code can be tweeked so it fits in with other sites.
does anyone else think that it would be helpful to make this change and also bring back the forum section relating to the applevis website.
Session cookie lifetime is 23 days. If you visit the site again within those 23 days the cookie will automatically be reset for a further 23 days. So, if you are a regular visitor to the site, you will very rarely be prompted to login.
The reason that you will have been prompted to login today is that we switched the site to HTTPS connection yesterday, so existing sessions were no longer valid.
Hi, I understand what you are saying, however I can't imagine what possible security reasons you have for not extending the session cookie lifetime to indefinite. applevis isn't the FBI or anything sensitive lol, I am on several much more sensitive sites with indefinite logins such as private torrent sites and other things. I personally think this should be a community decision or at least discussion, not a decision from on high as this affects the entire community, and as we are a community I would say surely that means we should at least try to be somewhat democratic. at the very least what about bringing back the forum section for applevis site discussion? at the moment there is no real appropriate forum section for this.
Hi. I just wanted to agree with your question/suggestion Alex. I too contribute to many forums which allow me to remain logged in indefinitely unless I physically log myself out. This is particularly beneficial for me judging by how many different passwords I have to remember for the many log-in accounts I have. I won't lie it is a struggle remembering which is which sometimes, but if my details could be remembered by AppleVis it would be a huge help, especially in view of the fact I use the forum regularly.
For sites where one needs to log in each time one visits, I generally have Internet Explorer or whatever browser I'm using remember my user name password.
Unfortunately this type of auto-complete doesn't work with the system AppleVis is using. When I have to log onto the AppleVis site I have to manually enter my user name and password.
Anyway, nice to know that if a user at logs into AppleVis at least once every 23 days then they can remain logged in. If auto complete can't work with this site, the 23 day system is a great fallback.
the thing is though there is no need for such an arbitrary 23 day cut off, I mean its not like we as users can do any damage to the site apart from spam it which I have hardly ever scene on applevis, but even if someone wanted to spam applevis 23 days is plenty long enough to spam the site or do whatever someone needs, so therefor why even have the 23 day limit in the first place. again password security makes no sense, because if someone wants to its quite easy to create an account for applevis registration is free so protecting accounts makes no sense. I hope the applevis admins will enter into a discussion with us rather than saying now now children its for your own good.
Actually for me I have to log in about once a week and I use the forums every day. So for me the 23 days don't work. I do agree that an always remember checkbox should be there and I've actually commented this on other threads and twitter, but it looks like this will be going into file 13.
I'd agree with this. I'm on other forums that keep me logged in indefinitely even though the discussion is sometimes of a more personal/sensitive nature than it ever is on AppleVis. I also agree about having a site feedback subforum. "General chat" is not a great name for this section anyway; its description says "For Apple-related discussion only", whereas on every other forum I've visited, the "general chat" subforum is for off-topic discussion (anything that doesn't relate to the main subject of the forum). Perhaps a better name would be "miscellaneous Apple-related discussion" or something like that.
I don't contribute to every topic, so when I wish to add value the cookie timing is a big disincentive to quickly add my info.
Which is a round-about way of saying I'd really love to be kept logged in for a longer period
I completely agree with your comment Tim sometimes I want to contribute to a topic but think oh now I have to log in its a real bother to do that, and I must admit in some cases it does mean I am less likely to help people, because I see a forum topic with what to me is a very obvious question and answer which I want to answer but logging in is an extra step, because for me lets say I want to reply to something, I open the topic, I go to log in, enter my details. then I end up on my user profile page rather than still being in the topic, so I then have to go and find the topic, app entry or discussion I want to contribute to again so its just a lot of extra work.
I really do feel applevis should listen to us, we are a community and while the work of all the behind the scenes staff is appreciated we as a community should have a say on basic things such as this especially as applevis haven't given any satisfactory explanation for there policy reasoning, after all we are not the personal kingdom of applevis to be run as they see fit, and its rather telling they are refusing to talk to us or discuss this like adults, all they have done so far is jump on the topic and try to shoot it down.
I must say also I am pretty sure I never get 23 days of login from a session as well.
just kind of thinking out loud here, it seems to me that applevis does get run rather from the top with very little community input, I wonder if there are ways we could improve community participation by allowing community votes on issues or having some kind of steering board to direct where the site is going suggest changes etc that the community should have a say on or be able to elect members to to represent user views.
Certainly I think transparency at applevis should be improved, I mean look at the mess that was got into over podcast submissions that was a decision imposed with no accountability that was later reversed.
Being completely frank here, as a member of the site's Editorial Team, I have no desire or interest in letting you draw me into another rabbit hole of your making.
You have made it abundantly clear numerous times over the years that you do not like the way that AppleVis is operated; and that you will search out any opportunity that you can to grind that particular axe and attack the Editorial Team.
I could stress that requiring people to login in order to post to the site is not the affront to our community that you appear to see it as. It's simply what websites typically do. What they do for numerous reasons. I could say more. But, there simply s no point, is there. Your narrative on all things AppleVis and its Editorial Team is set, and nothing that I could say is going to steer you away from it.
For others who have commented here on the need to login. I can only repeat what was said in an earlier reply - once logged-in, you should not need to login again if you visit the site at least once every 22-23 days using the same browser and device. For those of you for whom this is not the experience, there are many possible reasons. It might be the security/privacy configuration of your browser or your operating system; it might be a third-party application that you use for security, privacy or system maintenance. In some cases, it might be the result of us carrying out some routine maintenance on the site. What it is not, is a deliberate choice of the AppleVis Editorial Team designed to create a barrier to participation on the site.
Hi david thanks for your reply, I completely understand and agree with the need to be able to log into applevis to be able to post content of course this is standard practice on many sites avoiding spam etc.
the point is I don't understand how it serves users to have this automatically time out after a certain time limit and so far nobody has agreed with your position.
I am not saying scrap the logins for applevis that would just be a disaster waiting to happen, but you must admit I am sure its unintentional but the current way logins work is a barrier to posting new content as you have to jump through hoops once logging in from a topic page to jump off your profile page and find the topic again etc. Many sites I know of actually send people back to the last page they were on once they log in rather than forcing them to there user profile. you also haven't responded to the comment at all that applevis doesn't host sensitive material as other people have stated.
and as to the editorial team your right I do have issues with it because I don't think we as the site should be nannied and I think users should have more of a say in how things are done I am not saying micro management but come on if your not listening to us as users now I would say this makes for a pretty poor community. applevis is hear to benefit everyone not be an ego trip for the editorial team or me come to that. If you can say to me some good reasons for keeping the current policy or even ask the community what they think if nobody agrees then fine but your making a decision for the rest of us without consulting us, and it says we are a community on the front page not a dictatorship. community implies to me people who are equal and who are entitled to express an opinion and have some sort of say in how things are done even if it means the will of the majority which I would be happy to accept.
Just to clarify ...
If you are viewing a page on the site; want to post a reply, but are not currently logged in. Clicking on the link "login or register to post comments" will return you to that page after you have logged-in. So, there are no more "hoops" than you are likely to find on any other website.
Hi david, this isn't the case for me at all, if I am for example on this topic and click log in then sign in I end up on a page who's title is alex wallis, certainly not back on this topic page. I don't see what is so hard about listening to user comments and feedback though, it seems to me that your selective about what you do and don't want to hear. again I can't see any security need for timing out logins at all, certainly for me the current situation does make it far less likely I will try to answer a question for someone because of having to log in then go and hunt a topic down. so far none of the people who have replied to this like the current situation, if your that confident that your right and you believe in democracy why not hold a pole and ask the community what we think?
Again I know that it doesn't fit with your narrative, but clicking on the link "login or register to post comments" does return you to that page after you have logged-in.
Note that I did not say to use the main "Login" link near the top of the page.
Hi David, well in that case why not adjust the login link itself so that it also goes back to the last page you were on as a user? seems a silly way of doing things to have one link for loggin in do one thing and another do something totally different, I still say there is no good reason for the timeout policy to begin with and its all about how the emperor of applevis wants to run things with no input from the iinconvenient little subjects oh sorry I meant users lol. But back to the main point I would say surely its better if the site can be made to work as consistently as possible.
Its not a big deal to have to log in every 3 weeks its kinda nice that it keeps you logged in for that long of a time.
Hi. I know i'm definitely one of the more frequent contributers to Applevis. I visit every day just to keep up with what's going on. If the theory about session cookies is correct, then I should never have to log in, but every so often, like every month and a half or so i'm prompted to.. Please please guys understand that this isn't a complaint in the least whatsoever. I don't mind having to do it, but if a session cookie lasts 23 days, and a person visits every day, then logic suggests that if they use the site every day, they should never have to log in again, am I correct? I wonder if maybe a setting in our browsers needs to be changed to better handle session cookies? Could we have something set wrong? As it is now, more often than not I stay logged in, but every so often, i'm prompted to log back in. It only takes a couple seconds and isn't hard, but I do think Alex's question and suggestion is not a bad one.
I'd echo what Toonhead said above. I contribute fairly regularly, maybe not quite as often as I used to, but do visit virtually every day. I have to login again fairly regularly, maybe that's an issue on my end, I don't know. That being said, partly because I use 1Password, it's not that big of a problem, but could be a better experience if I stayed logged in.
As I said earlier, you have your own well-established narrative on all things AppleVis and its Editorial Team.
Stating that my involvement with AppleVis is an ego-trip on my part and that I run the site like an "emperor" is ... well, take your pick from simply wrong, insulting, laughable, and so on.
It also leaves you and I with no-common ground on which to have a discussion, so consider my involvement in this one ended.
And. yes, I am totally aware that you are likely to claim this as proof of my not listening or taking notice of the views of the community. But, do you know what? Your constant sniping and insults over the years don't really place you in a position where I feel inclined to care what you think. Life is too short.
And to make it clear, I am not speaking on behalf of the AppleVis Editorial Team here, These are my personal opinions and response to Alex.
Toonhead and Dave82,
We use a very standard cookie for handling sessions. So, if you are visiting the site regularly but still finding yourselves occasionally prompted to login, extending the lifetime of the cookie would make no difference, as something else is interfering with things. I wouldn't like to guess at what that might be, as there are many possibilities and not one that will be common to all use cases. As I said in an earlier reply, the reason that everybody found their session expired earlier this week was the result of moving the site to an HTTPS connection. So, there are certainly occasions when something done at this end will require you to login again, but these are generally quite rare.
This is cool, but I am just curious enough that I would like to know why that might be happening. I fully understand that moving to an https connection would reset things and we'd be required to log back in, and believe me, I've got no problem with doing it at all. But i'm one of these types, even as a kid I would always ask why. Why this happened, why that happened and this is another one I can add to the list. It's merely a curiocity thing on my part, where others might be looking at it as a complaint. I will google some stuff about session cookies and maybe it'll turn up some clues. I have no problem with anyone here, I just want to know why, if a session cookie is supposed to last 23 days, and I visit every day,and every so often i'm asked to log in there has to be a slight issue somewhere.
hi all, the point is that applevis could change the way the site works if they wished to to make it so that logins never expire, this is my point that David and the entire applevis editorial team seems utterly unwilling to discuss the reasons why they won't do this, instead they just say on the second post this is something we will not consider under any circomstances, leading me to make my comment about david and being an emperor. Interestingly I just looked back at that post and the comment about not changing under any circomstances seems to have vanished, now I am not sure if I am looking at the wrong post or if it has been edited, but I know I didn't imagine that comment that said we will not change it under any circumstances.
I am quite open to the idea of a dialogue but the point is the answer being given by the team is no no no not going to happen with no explanation as I have repeatedly asked of why if permanent logins are such a bad idea do so many sites do it, you also seem unwilling to respond to the point that this is a simple community site where all we as users are asking for is something to make our lives a little easier which its perfectly possible for you to do. the thing is that we as users can make no changes on our end for session cookies to be permanent it has to be the applevis team, everyone ask yourself why they won't explain to us what there reasons are for the unwillingness given how many sites allow logins to be permanent, for me I am not a big applevis contributor but this is partly because of the login thing.
Lets face it though applevis is kind of slow on the uptake generally taking years to finally allow discussion of ios betas and such even though rest of the internet has been doing it for years, with that again another example of being very reluctant to listen to users yes I know nda bla bla bla but applevis isn't and so far as I know has never been affiliated with apple, so personally I feel no loyalty to apple. my point is this how much say to we as users get over how applevis is run what the rules are etc, this is why I see applevis as being like a little kingdom or club, I mean again everyone ask yourself when was the last time applevis actually came to us and said community this is something we want your input on, and I am not thinking of golden apple awards.
Is it two much to suggest that we as a hole community should have more input into the site? now I am not saying the community could or even should run the site we need the editorial team to enforce standards but at the same time its not like I am sitting hear proposing a revolution and sacking the entire team is it? for applevis to sit there and say this is a policy change we will not consider at all is hardly promoting a friendly dialogue or discussion its just trying to quell descent. also the team didn't want to engage at all with my other suggestion of adding the site feedback and suggestion section back to the forum, that has never been mentioned. I thought I was being very reasonable at the time with my original post I only became negative as applevis refused to engage with us positively on the suggestion itself simply saying the current method works for logins. as to the editorial team though again that's hardly transparent we get no say who is on the team or how they are appointed, it seems to be a tap on the shoulder if someone is considered worthy to join it and to have contributed to the site, my point is there is no oversight over the team its all very clubby.
Cheers David. That's fair enough, just curious really. It's only occasionally I need to log in again and not too much hassle anyway. I don't know the merits of the 23 day limit, I notice some sites like Facebook never seem to log me out, even though I rarely use it in Safari, while others like Audible seem to require fairly regular logging in. For anyone having issues with password management by the way, I would strongly recommend using services such as 1Password or Last Pass.
I've been looking at some of these comments, and all I have to say is "wow." to Mr. Goodwin, I agree with you thus far. Alex, bro, if I were you I wouldn't be so quick to attack the editorial team whenever you find something that you don't like with this site. Just saying. I understand giving feedback and constructive criticism, but to me at least, your comments so far have sounded demanding and very, very cold.
Anyway, I've also been prompted to log in a couple times, but it's not big deal for me if I get logged out and have to log in again. It's just something I've learned to deal with. Now, wouldn't it be awesome if we all did that?
Actually, when I click the log in or register link in a forum post I get kicked back to my dash board not the original post as well, I neve click he top log in link. I dunno if this is on my end or what not, but yeah this is very odd.
Hi Joseph thanks for your comments on my post, I initially certainly didn't mean to come across as demanding or cold, however it would be nice to be able to engage with the editorial team on how to improve things rather than being given a blanket no with no explanation, it was the blanket no that bothered me along with the refusal to discuss both advantages and disadvantages of my suggestions. I certainly don't think its demanding to ask to be listened to, though everyone is entitled to an opinion and to express views as long as they can be explained. and no matter how I came across I do think the basics of my points stand though I am quite willing to discuss both sides of the argument.
I can completely understand sites that hold financial information on us logging us off regularly like audible or amazon but applevis isn't in this position. I am glad someone else agrees with me about being thrown back to the dashboard.
This is the link that's below your last comment for anybody who is currently not logged-in:
The second part of that link instructs your browser to redirect the user back to this page after logging-in. I do not know why this is not the experience for you, but I cannot get it to do anything other than what is expected on iOS and macOS.
Oh, my goodness, Alex. You are indeed extremely intense and a in your face kind of a person. I'm not sure if you realize that but I don't mind people that are very passionate about AppleVis but... You are very abrasive on your comments and will never be happy with any response that we give you.
Listen, it is very simple. We do this because of security. Yes, we have a pretty good set of defensive wall against spammers but they do still get through at times. The Editorial Team has this pretty much under control. However, what we aren't prepared are the hidden factors. Believe it or not there are numerous of attacks on this site every day. People that are either attacking against to gain access to the actual databases themselves or worse the users account. Yes, I totally agree we aren't a bank or something extremely sensitive but being proactive about protecting the integrity of AppleVis is also a big concern of ours. We are always setting up different kind of defensive measures so we can try to prevent destruction of the databases and gaining access to our user’s accounts. I would figure that most people would be supporting us that we care enough to want to keep that integrity. Most of all it is about not ever having to worry about massive downtime or god forbid we get breached and must have everyone to reset your passwords. We have security in place for this reason and we are always trying to close loopholes in our security. One of those is in the cookie sessions. So, in the end I really believe no matter how much details or explanation we give to you it will ever be good enough. It is your way or no way at all. You will find a way to argue about something to the ground and totally incinerate it.
Yes, there are places like Facebook that don't use this kind of measure. It is mostly because they have a full staff of people and resources that we don't have. They have hundreds of thousands of dollars of firewall and security that they must protect them. They also have a 24/7 a day watch around the clock of security administrators. We on the other hand. Are a group of people that volunteer on our time. We are not on 24/7 a day to be able to watch and monitor our logs and have the security software as they do.
So, that was a totally unfair analogy along with any comments that the AppleVis Editorial Team are an ego-tripped set of people that don't care nor listen to the users. Personally, I find that very insulting. As much blood sweat and tears that I have put in to this tie along with everybody on that team. The thousands of man hours that I have personally have done for the site and podcasts and so much more. That is also is to be said to ever member on that team.
There are many reasons in why AppleVis does not have an open voting poll for every major decision that are made for this site. It is like this. When the people of a town have suggestions, dislikes, ideas and such. They all go to the town hall. In this town hall, there are a set of people that make the decision for the town. Do they make mistakes? Sure, they do. It is human nature that we will make those kinds of mistakes at times. Nobody is perfect and never will be. Those set of people will and always are making changes and decision in what they should make for the town. They are also doing their very best especially when those people are nothing but volunteers. we do want to make the town the best it can be and sometimes some decision is and will be difficult to make. With every decision, will come along two sides of the cooing. Those of the people that are not happy with that decision and those that are happy with it. No matter what we do and make will never satisfy everyone. We do our very best and make our decision accordingly of our thoughts and of the town. That is the most democratic way that I know and that is exactly what we have here on AppleVis. The AppleVis Editorial Team are those town halls set of people that make the decision. We are 8 people strong on the team currently and I honestly can say that it is the most fair and blanked set of people. Do we have disagreements on a decision? Of course, we do. One thing we do is talk about things. Make sure we all have our say and then we vote as a team. The results are that we take the majority vote and that is how decisions are made. Those that disagreed just do what most people do in our everyday lives now. That is to move on.
So, this is way I was so confused when I came across this post. You and several people made your statements. We have listened to it. We have told you and others of that decision. But, for some reason it was not good enough and want to snowball this and want to try to get people rallied up for some protest. I really don't understand.
AppleVis was built the way it is now and designed to give the community as much it can give and take. There are so many freedoms that the community can be involved. A community based site such as AppleVis to allow people to post, comment, submit is plentiful! Yes, those major decisions down to the very little minor ones are made by the Editorial Team as it was design to do. We have always and will always listen to the users. Just because you are the loudest doesn't always mean that most the people agree with you. Sadly, I have been told many times when a post gets toxic that they want nothing part of it. Don't want to say anything nor have any comment to be made. Why? Because people on those threads get very nasty and don't want to be part of the mudslinging. So just because you only see one way on a post isn't always what others think and agree with. Believe me. We have people contacting us every day to the team or in person of everything so that they can avoid when possible. They simply don't want to be dragged in to something that turns in to an argument that at times never seem to end.
Over the years that I have been on AppleVis. We have opened for applications to be part of the Editorial Team and other teams. This is simply because people come and go. We don't pay people and they are having to take their own time to do for what they are supposed to do for that team. So, it isn't like some dictatorship that people make it sound like. That is far from the truth.
AppleVis has always been a place of where the community are free to discuss to talk about anything that they feel and want to say. I feel we are open for most type of discussions. This is being one of those. We always and very much appreciate all the suggestions and thoughts that they want to share with the Editorial Team. We do care and we do listen. After we have heard in what the users must say and that we have given our decisions the case is closed. Simply because there is nothing more to discuss and always ends up in this never-ending argument after a decision. Which is something I just don't understand. I really don't. I'm sorry that this isn't what you want to hear and it is very apparent that you disagree with our decision. I personally can say I have heard all the comments and we have personally weighed in of our thoughts as well and made the best decision we think is the best one for our users and to AppleVis.
Thank you for letting us know of something that had bothered you and want to see if there is something we can do differently. Now, we feel that what we have in place is the best for now. At some point if we think we can do something to improve on the security on this site. We will try to make those decisions with our users in mind. We always have and always will.
Congratulations Alex, your attack on the Editorial Team for not letting site users vote on cookie lifetime and for caring about the security of the website is looking like a shoe-in to be the most ridiculous thing said on AppleVis in 2017.
Based upon your attitude towards AppleVis, I am assuming that you won't be around to collect your prize, so make sure to leave a forwarding address.
Don't let the door hit you on the way out.
Well said indeed to the last two posters. I couldn't have put it better myself. I've seen some pretty screwed up stuff, but I think this takes the cake. and it eats the cake, too. Along with a not-so-healthy side of bacon, on a bed of bacon-wrapped bacon.
I do see the log in option after the last coment on the page and when I log in, it takes me right to the page where you put in the subject and the message. Personally, logging in every time doesn't bother me since I have to do it on a lot of sights when I'm at work. I think the editorial team does an outstanding job here.
Hi Anonymouse thanks for your detailed reply, at least you have been more open in your reply and tried to explain a bit more about how things work. I must say I still disagree with the fact of not involving the community in any decisions, I actually can't at the moment think of many suggestions made by the community that have lead to positive change, apart from the setting up of the applevis xl twitter account which is still definitely valued by me, but apart from that I can't think of anything else users have had appositive impact on certainly recently. Though I would be delighted to be proved wrong.
You might not like my login suggestion but what about adding the site feedback section to the forum, general chat isn't exactly a good fit for this topic anyway.
Another thought, maybe a section could be added to the site with information about how the editorial team works, who is on it along with information about them and what everyone's functions are within the team, to be updated as changes happen.
I do get the analogy to a town hall, though to extend that analogy further the people living in the town can vote the mare out of office after a few years haha, I am not seriously suggesting that but just taking your point to its logical conclusion, but on a serious note I don't see the harm in allowing site users to make some decisions on areas certainly not every decision but I think some would be good just to allow people to feel more involved and that they have a say, after all the editorial team is 8 people now how many users does this site have? a few thousand maybe? so we have 8 people making all the decisions, in fact we don't generally know when these decisions are made or what they are about.
and its also not the case that a town council makes all the decisions for local people, in the UK we have had several towns recently ask people who live in them if its OK to raise taxes and they said yes, so just because a town has officials it doesn't mean the locals don't have a say over some things.
once again thanks for the response, actually yours has been the most constructive from the applevis side of things, at least it has more detail than just no not going to happen and its for security with no explanation surrounding it, you have explained a little bit of your reasoning which is appreciated, and while I still totally disagree with that particular decision and see it as overkill you have given me a level of detail and consideration which is all I was asking for in the beginning.
The best and most direct way for anyone to raise a concern, ask a question, or provide us feedback, is via our contact form at http://www.applevis.com/contact. When you send a message via the contact form, it is emailed directly to all Editorial Team members--allowing us to very quickly address any issues people bring to our attention. We can't promise a particular outcome, of course... but what we can promise is that we will listen to you, and if we can make the change you're asking for and doing so makes sense when considering site operations as a whole, we will gladly do so.
Here is a link to a page on the site which explains more about the functions of the AppleVis Editorial Team, as well as a listing of who is currently a member of the team: https://www.applevis.com/applevis-editorial-team.