Overview

The Persistent Login module provides the familiar "Remember Me" option in the user login form. Additional security is provided by using two tokens (one long-running, one per-access) that allow the detection of unauthorized token use.

Persistent Login is independent of the PHP session settings and is more secure (and user-friendly) than simply setting a long PHP session lifetime. For a detailed discussion of the design and security of Persistent Login, see Improved Persistent Login Cookie Best Practice.

Features

  • Control how long user logins are remembered, before a user will have to enter their credentials again.
  • Control how many different persistent logins are remembered per user.
  • Control which pages a remembered user can or cannot access without explicitly logging in with a username and password (e.g. you cannot edit your account or change your password with just a persistent login).
  • A user can clear all of his/her remembered logins via their account page.

Known Problems

#327263: Possible false security warning: If a user opens several pages of a website simultaneously, the first request will invalidate the token and may cause the subsequent requests to trigger the security alert.

Maintainers

GitHub Mirror

https://github.com/gapple/persistent_login

Downloads

Recommended releases

Version Downloads Date Links
6.x-1.4 tar.gz (24.93 KB) | zip (36.31 KB) 2010-Jan-08 Notes

Development releases

Version Downloads Date Links
7.x-1.x-dev tar.gz (18.57 KB) | zip (21.21 KB) 2011-Sep-18 Notes
6.x-1.x-dev tar.gz (17.65 KB) | zip (20.22 KB) 2011-Aug-29 Notes

Project Information


Maintainers for Persistent Login

  • gapple - 13 commits
    last: 21 weeks ago, first: 25 weeks ago
  • markus_petrux - 40 commits
    last: 1 year ago, first: 2 years ago
  • bjaspan - 65 commits
    last: 3 years ago, first: 5 years ago
  • moshe weitzman - 2 commits
    last: 3 years ago, first: 3 years ago

Issues for Persistent Login

To avoid duplicates, please search before submitting a new issue.
All issues
Bug reports
Oldest open issue: 1 Oct 07