[Ads-l] A quick review of the new OED.com
James Eric Lawson
jel at NVENTURE.COM
Thu Jul 27 18:37:53 UTC 2023
Following your lead (because I despair *a priori* of getting the
technical crew to listen--this despite my own decades, starting in the
1980s at the Minnesota Supercomputer Institute among other places, of
willy-nilly part-time work as a computer systems administrator,
programmer, and general computer dogsbody), I sent email (see below) to
both the technical and general OED email addresses. Their kindly worded
reply to my rather cranky complaint suggests there may be hope yet...my
bank, for example, simply advises "users" to be sure to log out if
working on a shared computer.
On 7/26/23 12:21, Grant Barrett wrote:
> For me the biggest issue is that the login cookies only last 45 minutes! I
> am now signing in many more times a day. I sent an email about it and got a
> reply saying that it's for security reasons. It's just me, at home,
> working, OED. Nobody is sneaking into my house to look up etymologies on my
> user account. GB
**Email to "OED General Comment" and "OED access/technical query":**
I like to leave my dictionary open on my desktop for easy access. The
new version of OED Online locks itself after a short interval, then
requires the elaborate sign-in procedure for continued use. This is an
aggravating waste of my time.
If the change is intended to address a security issue, it doesn't
improve security, it weakens security; every time my password goes 'over
the wires' it is exposed to random attacks, whereas the authorization
cookie is only vulnerable to those with access to my computer (me).
Please revert to authorization cookies without time out.
Thank you,
James Eric Lawson
**And their kind reply:**
Dear James Eric Lawson,
Thank you for your email regarding the 45-minute inactivity timeout on
the new OED website.
We understand that this change may be inconvenient for some users, and
we appreciate your feedback.
As you correctly pointed out, the 45-minute timeout was implemented as a
security measure to protect user accounts from unauthorized access,
particularly when using a shared device. When a user leaves their
account logged in for an extended period of time without activity, their
account may be vulnerable to takeover and their personal details
exposed. The automatic timeout helps to mitigate this risk by logging
the user out after a period of inactivity.
We apologize for any inconvenience the 45-minute timeout may cause but
hope you understand our need to balance security with user expectations.
I understand your point that this is less of a risk when using a
personal computer, and your feedback will be logged - I can't promise
changes will be implemented, but the team are carefully looking at all
feedback received.
If you have any further questions or concerns, please do not hesitate to
contact us.
Thank you for your understanding.
Kind regards,
The OED team
--
James Eric Lawson
------------------------------------------------------------
The American Dialect Society - http://www.americandialect.org
More information about the Ads-l
mailing list