Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.
Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca
This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.
It seems OJS is using cookie to keep track of whether a user has login or not. After a user logins, if he/she does not logout, even he/she closes the browser and powers down the computer, next time he/she can access (by pasting the url into the browser ) some of the password-protected pages without login again.
Will it pose a security problem?
- Posts: 10
- Joined: Mon Dec 19, 2005 11:00 am
- Location: Edmonton, Canada
Unless you checked the "Remember Me" box when you logged in, OJS's login cookie will be forgotten when you close the browser and you should have to log in again next time. This is standard practice for sites using cookies for session tracking -- even banking sites often work this way. The most effective way to ensure that your account is secure is to log out and close the browser window when you're finished.
Open Journal Systems Team
- Posts: 10015
- Joined: Wed Aug 10, 2005 12:56 pm
Return to OJS Technical Support
Who is online
Users browsing this forum: Baidu [Spider], Yahoo [Bot] and 3 guests