Remember when there was no conventional logout option on Amazon? You’ve probably also noticed that Google and Microsoft sites try to keep you logged in, and services like Discord hide the logout somewhere hard to find
If your browser is set to delete cookies on closing it, your sessions should be gone anyway when you open it again. I don’t logout, personally, I trust Firefox’s cookie jar to isolate them by website, which makes them much less useful.
your sessions should be gone anyway when you open it again
Your session cookie will be gone, but your session is still valid until the server decides to invalidate it by a time-out.
That makes sense. Would there be a way to re-use this same session if the cookie has been deleted though? I know that closing the browser isn’t ideal, but if both the cookie and the login session are needed, if you remove one of them it should be enough.
Session ID’s could be stolen (XSS, malware) or guessed (bad implementation of the id generation). Sites that want you to be logged-in all the time know of that risk and will use (invasive) techniques to assess how likely it is that the use of a given session is legit. (GeoIP, Fingerprinting)
Thanks for the detailed answer, I didn’t know about that.
provided you close your browser regularly
Right, I honestly didn’t think of this possibility as I reboot every day.
Have you tried temporary containers extension? For sites you want to stay logged in you can use ferdi or rambox. At least with ferdi, it’s easy to route it through proxy.
Outside of Lemmy and github (even though J know it’s Microshit owned), I always log in in a private window. Especially for things like gmail, amazon.
Google and Microsoft don’t even call it “login”/“logout” anymore, but “add account”/" remove account", where the wording of “removing” sth. might sound like a negative thing to some
