[OpenID board] Staying signed in to openid.net

[Martin Atkins]

Brian Kissel wrote:
> This is something that Refresh media set up some time ago so that the login timed out after 2 hours.  Refresh has recommended increasing the timeout period to 12 hours and Mike Jones has approved that.  Will that be sufficient for everyone?
> 

That seems like a reasonable fix for now, but in the long term I think 
what Chris was requesting was something more like a "Remember me" option 
where the session will stay active until he explicitly logs out.

Since access to the OIDF membership area is low-value (there's some 
personal information and the ability to vote on things that aren't of 
interest to anyone outside of the OpenID community) I don't think having 
indefinite sessions poses a terrible security risk. I'm happy to be 
disagreed with, of course. :)

(To be clear, though, I don't suggest anything more than fiddling with 
the settings until the election is completed.)