[Ads-l] A quick review of the new OED.com

James Eric Lawson jel at NVENTURE.COM
Fri Jul 28 07:19:07 UTC 2023 

After tracking my OEDO activity, I confirmed my suspicion that my 
session was being logged out regardless of continuing dictionary look up 
activity. I sent that information to OED. Perhaps, with luck, the result 
will be a near-term modification of the time out behavior. I can 
probably live with a 45-minute *inactivity* time out, although it's not 
ideal.

On 7/27/23 11:37, James Eric Lawson wrote:
> Following your lead (because I despair *a priori* of getting the 
> technical crew to listen--this despite my own decades, starting in the 
> 1980s at the Minnesota Supercomputer Institute among other places, of 
> willy-nilly part-time work as a computer systems administrator, 
> programmer, and general computer dogsbody), I sent email (see below) to 
> both the technical and general OED email addresses. Their kindly worded 
> reply to my rather cranky complaint suggests there may be hope yet...my 
> bank, for example, simply advises "users" to be sure to log out if 
> working on a shared computer.
> 
> On 7/26/23 12:21, Grant Barrett wrote:
>> For me the biggest issue is that the login cookies only last 45 
>> minutes! I
>> am now signing in many more times a day. I sent an email about it and 
>> got a
>> reply saying that it's for security reasons. It's just me, at home,
>> working, OED. Nobody is sneaking into my house to look up etymologies 
>> on my
>> user account. GB
> 
> **Email to "OED General Comment" and "OED access/technical query":**
> 
> I like to leave my dictionary open on my desktop for easy access. The 
> new version of OED Online locks itself after a short interval, then 
> requires the elaborate sign-in procedure for continued use. This is an 
> aggravating waste of my time.
> 
> If the change is intended to address a security issue, it doesn't 
> improve security, it weakens security; every time my password goes 'over 
> the wires' it is exposed to random attacks, whereas the authorization 
> cookie is only vulnerable to those with access to my computer (me).
> 
> Please revert to authorization cookies without time out.
> 
> Thank you,
> 
> James Eric Lawson
> 
> **And their kind reply:**
> 
> Dear James Eric Lawson,
> 
> Thank you for your email regarding the 45-minute inactivity timeout on 
> the new OED website.
> We understand that this change may be inconvenient for some users, and 
> we appreciate your feedback.
> 
> As you correctly pointed out, the 45-minute timeout was implemented as a 
> security measure to protect user accounts from unauthorized access, 
> particularly when using a shared device. When a user leaves their 
> account logged in for an extended period of time without activity, their 
> account may be vulnerable to takeover and their personal details 
> exposed. The automatic timeout helps to mitigate this risk by logging 
> the user out after a period of inactivity.
> We apologize for any inconvenience the 45-minute timeout may cause but 
> hope you understand our need to balance security with user expectations.
> 
> I understand your point that this is less of a risk when using a 
> personal computer, and your feedback will be logged - I can't promise 
> changes will be implemented, but the team are carefully looking at all 
> feedback received.
> If you have any further questions or concerns, please do not hesitate to 
> contact us.
> Thank you for your understanding.
> 
> Kind regards,
> The OED team
> 

-- 
James Eric Lawson

------------------------------------------------------------
The American Dialect Society - http://www.americandialect.org

More information about the Ads-l mailing list