Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Join
Education
Knowledge Base
Support
Skip main navigation (Press Enter).
Toggle navigation
Content types
Announcements
Blogs
Communities
Discussions
Events
Glossary
Site Content
Libraries
Date range
on this day
between these dates
Posted by
Home
Communities
My Communities
Online Community Product Communities
Communications Product Communities
Recommended Communities
Education
Academy
Live Training
On-Demand Training
Webinar Recordings
Custom Training
Knowledge Base
Events
Upcoming Events
Product Roadmap
HUG Connect (Office Hours)
Support
Knowledge Base
Create a Case
Resources
Expert Advice
Blogs
Customer Examples
Success Centers
Online Community
Inherited a Community Site
Community Essentials for Customers
Community Essentials for Members
Community Plus
Community Enterprise
Bookmarks for Online Community Super Admins
Design Resources
Communications Help
Communications Professional Advanced Starter kits
Informz | New Admin Experience
Aggressive Cookie Strategy
Final
For most of us, we have a single sign-on (SSO) solution in place to enable our visitors/members to access pages and functionality across all of our various applications (content management, connected community, ams e-commerce , etc...). Cookies are the glue that hold this single sign-on experience together. A "cookie" is dropped by your main authentication process, and within this "cookie" is the information needed by your other applications when you hand a visitor/member over from one application to the other.
Most "cookies" have relatively short life spans (just like in real life). It is common for "cookies" to expire after 20 minutes. An aggressive cookie strategy, therefore, is simply choosing to increase the lifespan of a "cookie" to an hour, a day, a week, a year or for a very, very long time. The benefit to this approach is that as long as a visitor/member comes back to your site using the same machine and the same browser, their "cookie" will be recognized and they will not be asked to log in.
Obviously, an aggressive cookie strategy emphasizes member convenience over security (although the overall security risk is minimal), so you should never implement it unless you have thought thru the trade-offs.
(Thanks, Brett!)
#Being Considered
Created By:
Kathleen Simpson
Dec 08, 2011
Last Updated By:
Mark Eichler
Aug 03, 2018
0 comments
3 Views
5 revisions
1
Like
Daniel Bartnick
Permalink
Related Links
No Related Resource entered.
Higher Logic | 1919 Lynn Street, 5th Floor, Arlington, VA 22209 | hug@higherlogic.com | (202) 360-4402
Powered by Higher Logic