"Remember me" login functionality

Decisionisti
Decisionisti used Ask the Experts™
on
The "Remember me" login functionality is widely used in web sites (Experts exchange included), to automatically sign in the user with the last access userID.
Is a good practice provide this functionality in a web enterprise application, like an ERP or Business intelligence tool?

What is a best practice to implement it? In wich way should be set the cookies?

Thank you
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Imtiaz HashamTechnical Director / IT Consultant

Commented:
It's not a problem if the ERP is used internally only, however, if you have Active Directory for authentication, why don't you ask the ERP to authenticate from the LDAP Login Credentials?

As far as cookies go, the remember me functionality uses cookies to remember you so deleting the cookies will delete the stored information (passwords are stored separately and more securely).

Author

Commented:
Yes it's possibile to use LDAP, but not in this case. The itkamaraj comment is ok, the only remaing part is if is a good practice provide this functionality in a web enterprise application.

Thank you
Technical Director / IT Consultant
Commented:
Only if it's internally used because if it's being used externally and someone saves their password on another computer which doesn't have adequate security.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial