Some web sites (notably some email clients) have log-in pages that expire (after 2 minutes).
What is the reason for login pages that expire?
A:
Most often, session resources and the like. It may also protect against bot-logins.
Dave Swersky
2009-11-27 00:22:29
A:
Many bad ideas initially seem good ideas to inexperienced people because they don't think them through. They say "hey, this will probably increase security, let's do it". I'm pretty sure this is what happened in this case.
The guy who designed my bank's website thought "hey, using special characters in passwords maybe causes problems, so let's limit it to letters and numbers, and to 16 chars in length" so I can't use a much more more secure pass-phrase such as This password is much, much more secure than a completely random 16 chars password.
The guy who designed my dad's company website thought that people want to wait 2 minutes while it loads the cool effects.
...I could go on.
Andreas Bonini
2010-04-01 03:06:28