Hi everyone,
I come to the ISC2.org website almost every day and I am wondering why is the ISC2.org login session so short? (It's less than 60 minutes... please can you confirm the actual duration?)
It's really annoying. You step out to answer a call or grab a coffee and come back 5 minutes later and must login all over again! I understand the security concerns, but this is over the top and so annoying on a personal computer at home where I am the only user, and the computer is already protected by various lock screens and screensavers with login prompts.
Also why is Gmail login via OAuth not available? at least it would make login again easier...
Also please consider extending the session to 12 hours or even 7 days or 30 days like many other websites do (e.g. by fingerprinting the machine that the user is using and forcing a new login on any other new computer that is not fingerprinted.).
I have disabled ISC2 2FA because it was so annoying to key in 2FA again and again... so this policy completely defeats the security purpose...
Can you please escalate this ticket to the security team and ask them if they could reconsider or improve the login and session management options. If it is already in their roadmap then great, please let me know.
Thanks!
Alex