Thinking about user's behaviour, I noticed it's very common for users to leave their sessions logged every time they use the website.
Thus, for security purposes, may we leave persistent login unchecked by default on ACS core.
File /packages/acs-subsite/lib/login.tcl, line 153
Best wishes,
I
-- set options_list [list [list [_ acs-subsite.Remember_my_login] "t"]]
++ set options_list [list [list [_ acs-subsite.Remember_my_login] "f"]]
if { $allow_persistent_login_p } {
ad_form -extend -name login -form {
{persistent_p:text(checkbox),optional
{label ""}
{options $options_list}
}
}
}