Thanks for the responses! This is what I love about FT.
Please e-mail a PDF print-out/screenshot of your EF account summary [...]
I've sent the mail requested with a PDF of my account subscription page. Look forward to an opportunity to explore KVSTool!
Originally Posted by
ExpertFlyer Voice
While we understand your concern, it seems you’ve made some assumptions that aren’t true.
I humbly admit my speculation was just that - I certainly didn't know any of the reasons for the 45 minute timeout other than the vague security claim in the FAQ. And I certainly didn't intend to make any inflammatory accusations. After reading the explanations provided, I have a greater sense for the reasons the service exists as it does today. Might I suggest that it's possible to allay the concerns you've listed and still provide a hassle-free service?
Originally Posted by
ExpertFlyer Voice
Since you could potentially see a subscribers name, address, phone number, the company they work for, email address(es), and some limited billing information, we thought best to be conservative and error on the side of caution.
Most sites (including our own FT) resolve this concern with a simple "Remember Me" checkbox on login. It can be unchecked for the same level of protection by default, but still allowing users the option of declaring this a private computer. Or consider what Amazon does: a 'soft' logoff after a certain amount of time that will restrict access to sensitive account information, but still keeps the user logged in so that site preferences and buying habits can be respected.
Originally Posted by
ExpertFlyer Voice
If sessions never timed out then the system would run out of resources fairly quickly considering the size of our user base.
I would certainly be OK if the backend server session timed out and whatever state maintained was lost. As long as the cookie on my machine could automatically reauthenticate me and allow me to start using EF again without retyping my password.
Originally Posted by
ExpertFlyer Voice
Each user is only allowed to have one active session at any one time
Also perfectly OK with this; it's fine to logoff/end any prior sessions when I log on to a new location. Basically the same way most IM services work: stay signed in one location until you provide your password at a new location.
Originally Posted by
ExpertFlyer Voice
We think having to login to a website is a small price to pay
Thanks, but I'd rather pay for the service all upfront in cash than with a dozen micropayments of my time every day.
I won't pretend to understand the entire system or the constraints that exist, so please just consider the post a request for a way to make my usage patterns a little less burdensome. Any way you provide that will allow me to use my home computer day-in and day-out without constantly re-logging-in would be a welcome improvement. Thanks for listening to your customers!