Web Application " Keep me signed in" options
Posted on 2010-08-29
I was planing to implement "Keep me signed in" options on my application which required login each time and will time out after 30 minute time out idle currently.
1) what is the standard way to implement it with top security? Currently I am using cookie, session on my application.
2) How should i monitor on the application after implement this (security aspect) ? Any standard step should i implement it?
currently, i keep all user public IP address, login ID, and time, and which application he/she access.
please advice, many thanks.