Why you have to sign into Mingle more often

Posted by Ethan Teng

5 May 2014

Update August 2014

Based on even more feedback that a 12-hour window was not enough, we’ve increased the timeout to 1 week to improve your Mingle experience :) Please note, however, that this timeout setting will be overridden if you access Mingle via an SSO provider.

- – -

You may have noticed that you now have to sign into Mingle everyday, whereas in the past this did not happen as frequently. Why? Because we want to keep your data safe.

We undergo an annual security audit which is conducted by a third-party service provider. An important item that came out of our last audit was the need for a stricter timeout policy. Not enforcing a timeout policy opens up the potential for someone to compromise your company’s data in Mingle, either physically or through a side channel attack.

So, we started with an 8-hour timeout.* But, we quickly received feedback that this was too short a time window and was disrupting people’s workday. We listened and responded by increasing the timeout window to 12 hours in order to be longer than the typical workday.

Please continue to let us know how this is working out for you. We can still make adjustments if needed. However, keep in mind that enforcing a timeout is not optional. It is important to keeping your data safe and secure, which is our top priority.

*We also removed the “remember me” checkbox. All that did was auto-fill your sign-in name. It did NOT keep your session active or automatically log you in.

comments powered by Disqus