chasd wrote:
I log into RoundCube with an available account and leave the computer. The next day, I'm still logged in. So if I log in from a public
computer and forget to log out, my account is predestinated to get compromised.IMHO, some things are about good habits.
If I leave my house without locking it, my house is predestinated to
get compromised. If I leave my car without locking it, my car is predestinated to get
compromised.Which isn't to say that RoundCube isn't doing something
inappropriate, or couldn't do something better. For example screen savers can set to lock the screen after a period
of time, but are not set that way by default.However the main part of this issue is good habits, and that software
can't do _everything_ for you.Charles Dostale System Admin - Silver Oaks Communications http://www.silveroaks.com/ 824 17th Street, Moline IL 61265
Hmm, not sure I agree there. While things like locking your car is common sense, logging out, unfortunately, is not, for most people. Of course, in a world where everybody fully (or even just a little) understands on-line security, this is not a big deal. Right now, though, this is not how it is. By locking out this user group you are effectively removing access to your system from a lot of users.
Might I add that it is not unheard of for people to actually forget to lock their car? I think it would actually be quite nice if my car locked itself after a while of "inactivity" (provided I use some key-system like passwords where I can't leave them inside and lock myself out).
greetings,
Hraban Luyat
P.S.: According to most Canadians, an unlocked house is actually not "predestined to get compromised" ;) _______________________________________________ List info: http://lists.roundcube.net/users/