Jump to content

"Remember this browser for 30 days" never actually works


Recommended Posts

Many forums do not like it when you bump an old post, but here is an old post that is still as true today as it was 3 years ago.

Repro steps:

  1. Browse to evernote.com as a logged-out user with 2FA
  2. Fill in your credentials and check the "Remember this browser for 30 days" box
  3. Enter your 2FA code and check the "Remember this browser for 30 days" box again.
  4. Close your browser and go back to evernote.com

Expected Behavior: Either (a) the browser should be logged in and go directly to notes, or (b) the browser is logged out but does not require 2FA.

Actual Behavior: The browser is logged out requiring steps 1-3 again.

Link to post
  • Level 5*

Hi.  You're correct in one respect - we don't like it.  But it isn't 'as true today' because the version of the web app that you're currently using is only about 6 months old. 

Plus I think I have seen an Evernote comment that it's truly bad security to allow your device instant access to your database without a security check.  (I could be wrong.)

To get an Evernote perspective on this - contact Support https://help.evernote.com/hc/requests/new (which we're not.)

Link to post
  • 4 weeks later...

@gazumped Evernote on desktop web has had the same login bug for years, which is a very good indicator to me that whatever they upgraded 6 months ago, their login action was not included in the update. And it is not "truly bad security" for your web browser to keep its session. 

Credentials: I'm an engineer maintaining one of the most used Oauth login products on the web today (Facebook Login), and have implemented many web login solutions in my day.

Link to post
  • Level 5

Works for me, on Safari (Mac & iOS) and Firefox (Mac). The browser takes me right to the start page, within a time frame of multiple days after one login using the „remember me...“ checkbox - 2FA is enabled. Have not plotted whether it is exactly 30 days.

No experience with Chrome. Not working „remember“ could be rooted in the security / privacy settings, or plugins.

Yet tried support on this ?

Link to post
  • Level 5*
14 hours ago, Brandon Arnold said:

And it is not "truly bad security" for your web browser to keep its session. 

I have,  as they say,  no opinion on this - I was quoting (I thought) Evernote - but I could've been wrong.

It's still true that most people are now using a completely re-tooled version of the website,  so if the issue remains,  it could be by design.  Just sayin'.

  • Like 1
Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...