Unbind sessions from IP address

[MichaelJ 0]

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

[Betsy Speicher 0]

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

I don't think so. It's just the way the FORUM software works.

I also have the same problem of having to log in again when I use Facebook or iTunes on my iPhone.

[MichaelJ 0]

I tether via iPhone so I think I am using a similar setup to you.

iTunes doesn't seem to keep details for that long at all, even when I use a fixed static IP connection on a landline.

I think its a security feature to stop people stealing credit. (i.e. Using your account and credit card details to send themselves gift certificates)

But thanks for looking into it tho, I guess I got to wait until IPv6 is rolled out so I can keep the same IP's for my machines no matter where I roam.

[JeffT 0]

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

I second this. I realize it's probably as an extra security measure, but few sites do it and password protection should be good enough. (If an attacker stole the login cookie, they probably have the means to steal the password.)

Also, if one is behind a proxy or NAT server that rotates among multiple connections, the forum would be nearly impossible to use logged in. Though maybe those don't exist anymore, if nobody has complained about this more acute situation. (My cable Internet provider worked like this (optionally) way back in 1997.)

[MichaelJ 0]

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

I second this. I realize it's probably as an extra security measure, but few sites do it and password protection should be good enough. (If an attacker stole the login cookie, they probably have the means to steal the password.)

Also, if one is behind a proxy or NAT server that rotates among multiple connections, the forum would be nearly impossible to use logged in. Though maybe those don't exist anymore, if nobody has complained about this more acute situation. (My cable Internet provider worked like this (optionally) way back in 1997.)

A lot of medium sized businesses in Australia have a setup similar to that, the business gateway will rotate http requests between 2 seperate ADSL connections for load balancing to make sure all employees can get fast access to the outside world.

Prior to tethering, the forum was completely inaccessible for posting from those locations since you would be lucky to browse past the "Redirecting" pages before you got logged out.