Anmelden:     

Forum: General Discussion

Topic: new website - first impressions - Page: 9

Dieser Teil des Themas ist veraltet und kann veraltete oder falsche Informationen enthalten

Are you shure that you keep Cookies after closing the browser ?

The website is already logged in once you did. Even after closing/reopening the browser. Working here without issues.

You should check if some kind of cleanup software, firewall , Internet security software removes all cookies of the browser when closing it.

Then it would be like you described that you need to relogin every time you visit.

Greets, Heiko

P.S: Working in Firefox & IE here
 
jakovski wrote :
Are you shure that you keep Cookies after closing the browser ?

The website is already logged in once you did. Even after closing/reopening the browser. Working here without issues.

You should check if some kind of cleanup software, firewall , Internet security software removes all cookies of the browser when closing it.

Then it would be like you described that you need to relogin every time you visit.

Greets, Heiko

P.S: Working in Firefox & IE here

I'm getting the same problem here on all computers and all browsers. None of them give me any problems with any other website, and I never experienced this problem on VirtualDJ's website before the upgrade.

I can definitely confirm I am not running any cleanup software, or any unusual firewall/interent security software.

Actually, given that you profile lists you as someone who works at Atomix, I would suspect the reason you are not experiencing this problem is because VirtualDJ.com is your local domain on your network, and your firewall is being very permissive of clients on it's local network.

Login and view this very thread on Chrome. Keep Chrome open, but open Firefox at the same time. Login and view the same thread in Firefox. Now reload the thread in Chrome - you will see you have been logged out.
 
Hi,

yes - i am working for Atomix but this is not an issue of Firewall cause i use the normal Internet and i am not connected to the domain itself or via VPN.

If you login with Firefox - you get a cookie.
If you login then using Chrome - you need to relogin and get a new, different cookie.
If you go back to Firefox you are logged out.

This is normal website behaviour. The only differece is that you get logged out of the old session when you login and create a new one. This is for security reasons.

Many websites don't care about that so if you use a different browser to login fromm the same machine you get the same session which causes that you can switch between the browsers cause they have the same session cokkie.

Sorry if i did not get the point of switching the browser while reading/posting in the forum.

Greets, Heiko
 
jakovski wrote :

yes - i am working for Atomix but this is not an issue of Firewall cause i use the normal Internet and i am not connected to the domain itself or via VPN.

If you login with Firefox - you get a cookie.
If you login then using Chrome - you need to relogin and get a new, different cookie.
If you go back to Firefox you are logged out.

This is normal website behaviour.


No - that is the opposite of normal website behaviour.

Cross browser sessions should be kept completely separate from each other, and the website should not know or care whether the user is logged in using multiple browsers. Try this on Facebook, YouTube, Twitter, Tumblr, Yahoo, Flickr, etc... - they all allow you to remain logged in across multiple browsers.

jakovski wrote :
The only differece is that you get logged out of the old session when you login and create a new one. This is for security reasons.


Can you specify what those security reasons are? Because none of the websites I listed above appear to have those security issues.

jakovski wrote :
Many websites don't care about that so if you use a different browser to login fromm the same machine you get the same session which causes that you can switch between the browsers cause they have the same session cokkie.

And as I explained in my post, this is what I would expect to happen, but is not actually happening. Logging in from a different browser on the same machine logs you out of the other browser on the same machine.

I'm not sure who you use as your web developers, but take it from someone who has made a living out of developing websites for 15 years - this is *not* normal behaviour.
 
Its of course not how "normal" logins work, its how our login works ;)
And is same in the VDJ software.. You are only logged in from one place at a time, and logging in, logs out other places.

Its made intentionally by design, for security reasons and practical reasons ;)
 
Let me give you a simple example - you Computer get's infected by a Trojan. Someone could take over your session and change your password easy.

This issue is present on all the other websites you listed cause they don't really care about it. ("search for trojan take over session cookie" in google)

Anyway - this is not 100% safety but it's ok in my eyes. Never used 2 different browsers to ogin to the same page. Why should this be useful ? (just my own interest)

Or another exampe.... someone takes over your session, changed your password and use your software. You would not mention it until you logout and try to relogin to the webpage.

Greets, Heiko
 
jakovski wrote :
Let me give you a simple example - you Computer get's infected by a Trojan. Someone could take over your session and change your password easy.

This issue is present on all the other websites you listed cause they don't really care about it. ("search for trojan take over session cookie" in google)

Anyway - this is not 100% safety but it's ok in my eyes.

Exactly - it's an acceptable risk that everyone is OK with, because the trade-off (having to login every single time you switch to a different device/browser) is not practical.

jakovski wrote :
Never used 2 different browsers to ogin to the same page. Why should this be useful ? (just my own interest)

Well, many people have more than 1 single device that they browse the web on.

For example I have a home desktop PC, a work PC, a MacBook, an iPhone, and an iPad. I would login to the Virtual DJ discussion forum on any of these devices at any time. I don't think that is unusual in this day and age.

I would fully expect I'd have to login the first time I accessed the website on a new device, but I would not expect to have to manually re-enter my login details on all other devices just because I accessed the website from a new device/browser.

jakovski wrote :
Or another exampe.... someone takes over your session, changed your password and use your software. You would not mention it until you logout and try to relogin to the webpage.

How does someone 'take over' my session exactly? You mean if I left myself logged in from another computer?

If so, you could seriously reduce the possibility of this happening by giving users an option to decide whether or not the website should remember their session. Like a tickbox that says "Remember Me". Like your website used to have.

Besides which, how many times has this actually even happened to Virtual DJ users? What percentage of website users have had this issue such that you've decided it is a big enough problem to lock down?

dj-in-norway wrote :
Its of course not how "normal" logins work, its how our login works ;)

Are you saying you've made a conscious decision to not use well tested, and globally accepted design practices?

dj-in-norway wrote :
And is same in the VDJ software.. You are only logged in from one place at a time, and logging in, logs out other places.

OK, but a website is not the same as a DJ-ing application. A website is not (and should not) be device specific.

By trying to blend two very different use-cases, you have reduced the effectiveness of both products.

dj-in-norway wrote :
Its made intentionally by design, for security reasons and practical reasons ;)

This design provides practically zero additional security since the cookie still remains valid in the last browser used until the user logs in from another device.

And I assume the 'practical reasons' you refer to are that it's easier for your web developers, because it's absolutely not practical to have to re-enter your login details every single time you access the website with a different device.
 
I just have my browser remember my credentials and press one button and i'm in.

No biggie for me personally.
 
djtouchdan wrote :
I just have my browser remember my credentials and press one button and i'm in.

No biggie for me personally.


So basically, all the people who are OK with this are Atomix staff, and all the people who are not OK with it are customers.

Am I the only one who sees the problem here?
 
I'm a customer, and I don't have a problem. Every site I go to ask me to log in, and they know who I am. I go to ebay, amazon, paypal, they all say hello Richard. But as soon as I want to do something, they ask me to log in. Why are we slitting our wrist, about something so small? My user name and password are set in VDJ, all I have to do is hit the sign in tab. What is so hard about that?
 
djnanite wrote :

So basically, all the people who are OK with this are Atomix staff, and all the people who are not OK with it are customers.

Am I the only one who sees the problem here?


Not at all. Of the millions of users who visit this site, only a handful are against the new login method.

As i said, for me its a 1 click. It doesn't make any difference to me.
 
djtouchdan wrote :
djnanite wrote :

So basically, all the people who are OK with this are Atomix staff, and all the people who are not OK with it are customers.

Am I the only one who sees the problem here?


Not at all. Of the millions of users who visit this site, only a handful are against the new login method.

As i said, for me its a 1 click. It doesn't make any difference to me.

OK.

But why remove the 'Remember Me' option in the first place?
 
I'm here, and just checked on my Samsung Galaxy S5, with Chrome, and it remembers. Maybe it's automatic now, but I just have to press the sign in tab. My username and password, are visible.
 
So, can anyone from Atomix answer my previous questions:

1. Why was the 'Remember Me' option removed?
2. What 'Security reasons' did you have for removing multiple simultaneous logins?

Thanks!
 
we have decided on having one login pr device, at least for now..
thats all ;)

Lets see, might change or not - but thats how we're doing it for now
 
Nice clean look...

Still a couple things that go way back

o - when you do a search and then go back, you get an annoying page expired, and then have to search again for same thing you just searched for. Searching in general could be improved.

o - would be nice to be able to edit a post at anytime instead of the brief period you get now. This is a pretty rare need but I have to bother one of you guys every now and then to make a change.
 
How about an extended editing time based on your level? The higher you rank, the more time you get.

By the way - using Firefox, some uploaded images break the right hand side of the page, making it impossible to see/use the quote and edit icons. Example: the thread here (linked)
 
Would be good if the editing area had greater height when making a post. If your post has any length to it, the way it is now makes it hard to read.
 
I have noticed, that everytime a user edits his post, the topic icon is changing to the "new post" icon and the last post date is updated too.
But the date of the post itself (as shown above the post) is not updated.

Not sure if it's better to display the new post icon if just an editing was made.
The old forum did not behave like that.
 
Personally i prefer being notified of the changes.

Often people will write one thing, change their mind and write something completely different. So it's nice to see the changes.
 
95%