If you are doing internet banking on your own computer and your bank automatically logs you out is there an absolute need to log out after each session?
I get slightly peeved as one bank goes to a check page and I have to say 'yes' to log out, one to a check page that I have to say 'no' and the third just does away. I seem to spend a lot of time waiting for this check page on my (currently) 28.8k connection!
Mark BR
It depends on your home situation - the secure connection is between your pc and the bank, so nobody else can intercept it. The logging off is to prevent the next user of the computer - your family if at home , or the next user if at work or a cybercafe - being able to continue accesing your accounts where you left off.
So if you live on your own, close the browser and forget about it.
If you were to disconnect from the internet without logging out, the next person to get your IP address could potentially hijack your session and access your account details.
It is very unlikely that it would happen, they would also need to know your session ID, but there is a theoretical possibility that it could happen.
How interesting. iii have revamped their web pages since taking over from ample. I can log in but have failed so far to find out how to log off (like what was possible when ample ran it). Advice on how to do it is always welcome.
No, not true, they would have a tiny fraction easier time in doing it, it would be far from trivial, and the rewards from any attempt at this sort of fraud would be minute.
but the theoretical possibility isn't particularly raised by not signing off (someone in a position to sniff packets and decrypt SSL communications to get the session ID are not particularly concerned about needing to spoof an IP address too)
No reason to be unduly alarmist, there are good reasons to sign off explicitly, but the next bloke to get the IP address isn't one of them.
Jim.
Login, but fail the login might do it. It depends upon what the programmers have done at that point.
Daytona
I'm interested to see someone else mentioning this ! I find it patronising when websites fail to respect my instruction, and consequently, I ignore the question when I use my home PC.
Daytona
Oh no, the confirm for things that really don't need confirming is one of the big UI mistakes in the world today, it's very commonly mentioned.
However, web UI designers and developers are extremely rare beasts, you'll generally just get back-end programmers hacking something up, which is why so many sites are so awful.
Jim.
BeanSmart website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.