Grow your CSS skills. Land your dream job.

Delete session in Tablet browsers – when browser closed

  • # March 12, 2013 at 6:00 pm

    Hi, i have a website, which contains a user area. on tablets the issue is, if a customer login fails for three times, login is disabled for that session, but on a desktop if you close the browser and try to login again, you get more 3 chance to login.

    but on a tablet once you fail to login three times, login is disabled for that session, but if you restart the browser, there is no change, and you still have the session retained.

    does anyone know a way around this ?
    thanks

    regards

    # March 12, 2013 at 6:10 pm

    Reboot the tablet?

    # March 12, 2013 at 6:18 pm

    Tablet is most likely saving your session. Open the browser, go to settings and clear cache and cookies. Then try again.

    # March 14, 2013 at 5:24 pm

    oh my.

    That’s a lot for a user to do.

    any other way we can do it ? may be using native js or jquery, and can write a script to delete browser cookies when tab is closed or window is closed.

    # March 14, 2013 at 7:09 pm

    Your system has a security functionality built in, that you want to take away with JavaScript. So what is the point of having it in the first place?

    If you go to the source code that is providing this functionality, you could rewrite it to fit your situation little better. Maybe increase the number of attempts, etc…

    I was under the impression you are just trying to test something and needed to clear session of off tablet.

    # March 14, 2013 at 7:16 pm

    Typically, the whole point of “disabling login” is to prevent the user from trying again. By that measure, the tablet is actually doing a better job – you can’t circumvent the feature by closing and reopening the browser.

    Not that I agree that you should be blocking login attempts at all. It’s pointless in security terms, and annoying in regards to UX. It sounds like you don’t *want* your users to be blocked – so why not just “not block them” in the first place?

    There are better options after failed login attempts:

    (1) Show a “forgot password?” page.

    (2) Throttle (slow down) subsequent attempts (this helps guard against brute force attacks).

    (3) Send an email to the account owner to find out if it’s them, or an impostor.

    # March 14, 2013 at 9:09 pm

    > Typically, the whole point of “disabling login” is to prevent the user from trying again. By that measure, the tablet is actually doing a better job – you can’t circumvent the feature by closing and reopening the browser.

    This.

    # March 18, 2013 at 9:51 pm

    I did realize that blocking a user and then restarting the browser to allow login is senseless. so, all i did was end up increasing the number of login attempts.

    Thanks a lot all.

    :)

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

*May or may not contain any actual "CSS" or "Tricks".