Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Contact Us
Code of Conduct
Join
Support
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
Communities
All Communities
My Communities
Announcements
Beginners and Non-Techies
Community Management
Designer's Corner
Email Q&A
Products Q&A
Network
Member Directory
Partner Directory
Events
Upcoming Events
Higher Logic Super Forum
Learning Series
SNAP! Product Training
Higher Logic Academy
Browse
Everything
Discussion Posts
Library Entries
Glossary
Blogs
Library Favorites
Participate
Post a Message
Share a Resource
Super Forum Session Suggestions
Join a Community
Help
Documentation & Support
SNAP! Product Training Archives
Go-To-Market Library
Resources for New Admins
HUG Buzz
Web Controls
Success Kits
API Documentation
CSS Knowledge Bank
Twitter Resources
CSS Squad
Browse
Glossary
Glossary Entry
Aggressive Cookie Strategy
Final
For most of us, we have a single sign-on (SSO) solution in place to enable our visitors/members to access pages and functionality across all of our various applications (content management, connected community, ams e-commerce , etc...). Cookies are the glue that hold this single sign-on experience together. A "cookie" is dropped by your main authentication process, and within this "cookie" is the information needed by your other applications when you hand a visitor/member over from one application to the other.
Most "cookies" have relatively short life spans (just like in real life). It is common for "cookies" to expire after 20 minutes. An aggressive cookie strategy, therefore, is simply choosing to increase the lifespan of a "cookie" to an hour, a day, a week, a year or for a very, very long time. The benefit to this approach is that as long as a visitor/member comes back to your site using the same machine and the same browser, their "cookie" will be recognized and they will not be asked to log in.
Obviously, an aggressive cookie strategy emphasizes member convenience over security (although the overall security risk is minimal), so you should never implement it unless you have thought thru the trade-offs.
(Thanks, Brett!)
#Being Considered
Created By:
Kathleen Simpson
Dec 08, 2011
Last Updated By:
Mark Eichler
Aug 03, 2018
0 comments
0 Views
5 revisions
1
Like
Permalink
Related Links
No Related Resource entered.
Home
Communities
All Communities
My Communities
Announcements
Beginners and Non-Techies
Community Management
Designer's Corner
Email Q&A
Products Q&A
Network
Member Directory
Partner Directory
Events
Upcoming Events
Higher Logic Super Forum
Learning Series
SNAP! Product Training
Higher Logic Academy
Browse
Everything
Discussion Posts
Library Entries
Glossary
Blogs
Library Favorites
Participate
Post a Message
Share a Resource
Super Forum Session Suggestions
Join a Community
Help
Documentation & Support
SNAP! Product Training Archives
Go-To-Market Library
Resources for New Admins
HUG Buzz
Web Controls
Success Kits
API Documentation
CSS Knowledge Bank
Twitter Resources
CSS Squad
Higher Logic | 1501 Lee Highway, Suite 303, Arlington, VA 22209 | hug@higherlogic.com | (202) 360-4402
Powered by Higher Logic