We work on a webapplication when user needs to verify 1000's of document in everyday basis. To keep the application secure enough, a session timeout of 30 minutes is introduced. Though it keeps the application intact, the user can't login to it everytime and we are not allowed to have "remember me" as part of security audit
We created a small extension which tracks the user tab for login url ( let's say signin.xyz.com ). If the user login URL is there, then the extension will fill the username and password automatically to webapp and logs in user
How it helps?
- Saves 16 login for user everyday
- As the data is at users side itself such as username and password, we are not storing or retrieving anything from n/w
This is one other way how extension can be helpful and provides a solution