Received from Bruce Bowman at 10/16/2018 02:19 AM UTC:
On Mon, Oct 15, 2018 at 09:55 PM, Jim Higgins wrote:
Do you know the rationale for a 1-month expiration... or can you imagine one? (I don't and can't.)
A logon is, more than anything, a confirmation of identity. And my opinion is that a periodic identity check is a reasonable thing to do. Otherwise you could go on a long vacation or die or whatever and anyone else could use your computer to post under your name for an indefinite period of time.
I agree that a log-on is a confirmation of identity... if it involves a user name, and a password that the user keeps secure. But that's not the case with Gio.
With Gio, literally anyone with access to the user's computer (or just the email account) can request a log-in link. No need to know a password and thus no strong assurance of true identity. It's convenient for people who can't deal with passwords, but it leads to the "regularly dropped from group" complaints (see subject line above) that we see several times weekly in GMF. It's a solution to one problem and the cause of another problem.
I think the complaints about "dropped from group" would decrease substantially, and security - which is marginal via the "request a log-in link" approach to begin with - wouldn't be materially affected if the current log-in cookie were automatically renewed for a month each time the user logs in. Users would only be "dropped from group" if they didn't log in for a month, rather than being dropped every month despite logging in several times a day.
The current approach makes no sense to me given the level of confusion over being "dropped from the group."
Jim H
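The two cookie policies discussed in this message, replayed side by side as an added example (not part of the original post and not Groups.io code). It assumes "a month" means 30 days; `simulate` and the visit lists are hypothetical, constructed for illustration.

```python
from datetime import datetime, timedelta

LIFETIME = timedelta(days=30)  # assumption: "a month" modelled as 30 days


def simulate(visits, sliding):
    """Replay visit timestamps against a log-in cookie.

    Returns the visits at which the cookie had already expired, i.e. the
    moments the user is "dropped" and has to request a new log-in link.

    sliding=False: expiry is fixed when the log-in link is used.
    sliding=True:  every visit with a still-valid cookie renews it for
                   another LIFETIME (the change proposed in the message).
    """
    dropped = []
    expires = None
    for now in sorted(visits):
        if expires is None:
            expires = now + LIFETIME   # first log-in via emailed link
        elif now >= expires:
            dropped.append(now)        # cookie expired: user is dropped
            expires = now + LIFETIME   # new link requested, new cookie
        elif sliding:
            expires = now + LIFETIME   # valid cookie renewed on use
    return dropped


# Constructed sample data: one user who visits every day for 120 days,
# and one who visits for 10 days, goes away, and returns on day 60.
START = datetime(2018, 10, 1)
daily = [START + timedelta(days=d) for d in range(120)]
away = [START + timedelta(days=d) for d in list(range(10)) + [60]]

if __name__ == "__main__":
    for name, visits in (("daily user", daily), ("absent user", away)):
        for sliding in (False, True):
            policy = "sliding renewal" if sliding else "fixed expiry"
            drops = simulate(visits, sliding)
            print(f"{name:12} {policy:16} dropped {len(drops)} time(s)")
```

The daily user is dropped three times under fixed expiry and never under sliding renewal; the absent user is dropped once under either policy, because a cookie that nobody uses still lapses after 30 days.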