Question: Does it depend what you are doing that make it okay to check the “keep me signed in” box? I know I would not do this on my bank account or maybe my medicine/health/doctor site, but would just shopping be ok?
– Spouse Peripheral
Bluewater Bay, Florida
Answer: Seems like there are a whole bunch of behaviors and questions that a typical user is expected to understand, doesn’t it? I’ve said before that Microsoft seems to think that every one of their users has a degree in Computer Science. To some extent that appears to be true for the entire industry. In my experience, what they think is obvious is not obvious at all, and rather than having users who are all computer scientists, the people who use these products range from toddlers to the elderly, and only a limited subset of them have any formal training.
Okay, for those of you who don’t know what Spouse Peripheral, aka, my wife Wendy, is talking about, she’s referring to those instances when you visit a website that makes you sign-in using your credentials, and it offers you the option to stay signed in. The wording might vary from “signed in” to “logged in” and it might say “stay” or “keep me” or something similar, but the basic idea is that it’s asking you whether the site should keep your login credentials active from this computer until you explicitly sign out, or something else happens to end your current session.
So, the unasked questions here are, what are the advantages, and what are the risks of staying signed in? As my dear Spouse Peripheral alluded, like so many of the other questions that I’ve answered here in It’s Geek To Me, the answer is “It depends.” I think this one is best addressed by breaking it down into “Why would I…” and “Why shouldn’t I…” discussions, and what factors affect the answers for each.
First of all, why would you want to do this? The simple answer is that having websites keep you logged-in results in a smoother user experience. You hit a site, and you’re instantly in without being bothered by a dialog asking for your credentials. In other words, it’s a direct line to the content that is the entire reason for which you’re visiting a site.
Interestingly enough, the reason you might want to do this is the same reason why you might not want to do it. This is where the “It depends” part comes in to play. If the computer you’re using is only accessible by people whom you trust to access the sites using the credentials you leave active, then sure it’s safe and desirable, even for those sites SP mentioned: bank, doctor, etc. Most people would say that computers in their home qualify, but that assumes you’re okay with your spouse, your kids and visitors in your home who might borrow the system reading your e-mail, seeing your bank balance, reading about your last doctor visit, and so forth. In the case when the computer is public, such as those in libraries, or the Business Center of a hotel you’re visiting, then it’s absolutely not safe. In fact, I would go so far as to say that even if you don’t tell the system to keep you logged in, you probably want to avoid accessing your personal information on a public computer unless it’s absolutely necessary.
You should use similar precautions when accessing public Wi-Fi. No longer limited to Internet Cafés and coffee houses, publicly accessible Wi-Fi is everywhere these days. You should approach any use of public Wi-Fi with caution, and never access any sites that process financial or other personal information.
To view additional content, comment on articles, or submit a question of your own, visit my website at ItsGeekToMe.co (not .com!)
