Beta over protected?

**DarkAngel** · 23 Sep 2011, 01:46 AM

Originally Posted by kuroi

I agree, but only if you don't accept credit cards or debit cards.

If you do accept them, then the card companies are taking on some of the risk and are perfectly entitled to say under what conditions they're prepared to do so.

While I don't agree that their conditions are necessarily optimal, or even, in some cases, effective, that doesn't negate their right to set them.

good to see I can change that cause yes it takes me longer to add things than 15 minutes...i transpose a lot...lol

and we don't take credit cards from the store we do only paypal

**Kim** · 23 Sep 2011, 02:10 AM

Folks - Just to clarify - The 15 minute timeout is 15 minutes of inactivity. As long as you do something every few minutes you *do* stay logged in.

**DarkAngel** · 23 Sep 2011, 02:21 AM

LOL told you I was nutty....that never occured to me...of course that would be it. although I have had some things state that but still log me out.

still good to know how to change it if needed and thanks for setting the standards higher for more security even if we moan about it.

is there a way to also set it to not need to have the admins change thier pass every so many days?

**Kim** · 23 Sep 2011, 02:32 AM

Sorry, no. The admin passwords must be changed every 90 days.

**DarkAngel** · 23 Sep 2011, 02:46 AM

Originally Posted by Kim

Sorry, no. The admin passwords must be changed every 90 days.

welll phooey, but I guess that way my other admins will be more attentive to their pw's...lol

**pasi** · 23 Sep 2011, 07:41 AM

Originally Posted by kuroi

I agree, but only if you don't accept credit cards or debit cards.

If you do accept them, then the card companies are taking on some of the risk and are perfectly entitled to say under what conditions they're prepared to do so.

While I don't agree that their conditions are necessarily optimal, or even, in some cases, effective, that doesn't negate their right to set them.

IIRC in finland you can't take anyones card numbers and store them in a database of your own. All credit card transactions must go through the local credit card authority (through their SSL protected web interface) ... thus the added security for the point you mentioned above is not valid for me or anyone managing a webshop in Finland.

**rstevenson** · 24 Sep 2011, 12:15 AM

Originally Posted by DarkAngel

welll phooey, but I guess that way my other admins will be more attentive to their pw's...lol

Yes, they'll be more attentive. They'll also probably write their passwords down somewhere handy, like a sticky note stuck to the monitor. Now that's security!

Rob

**DarkAngel** · 24 Sep 2011, 12:18 AM

Originally Posted by rstevenson

Yes, they'll be more attentive. They'll also probably write their passwords down somewhere handy, like a sticky note stuck to the monitor. Now that's security!

Rob

ROFL...that is one of those "don't be drinking while reading post reply" type of thing