On Tue, 16 Jun 2026 at 09:35, Robert Kisteleki <robert@ripe.net> wrote:
Also would be great if the login is remembered across multiple days, so no login is needed every single time.
That's fair; we're moving towards a solution where different systems can possibly have different log-in periods. I cannot state we'll do this though, as the downside is that users can get caught in a "now I'm logged in, now I'm not" game, depending on which services they visit.
A different approach to this seen could be to require 2FA for certain *actions*, so that long log-in periods can be kept across different areas/services. Of course this could be become tedious when the task has multiple actions (but then perhaps the 2FA for actions could only be queried once an hour, while maintaining long log in periods for the access itself). Lukas