Yesterday (Mon, Apr28) I was on a business trip in Seacaucus, NJ. During a lull in the action, I discovered a public internet terminal in the lobby. I logged on the SDMB and surfed for about 20 minutes. I was suddenly called away to witness a prize drawing, and had to abrupty leave the terminal without a chance to log off.
When I got a chance to get back, some other guy was on the terminal doing his finances or something.
Question is, does the SDMB automatically log-off when accessed by someone else, or is that terminal STILL opened up to the SDMB, with ANYONE using my screenname capable of hacking the SDMB server and other mayhem…and I get the blame???:eek:
If you logged in, then you stayed logged in. The result is that anyone else who accesses that terminal, and who goes to the SDMB, will be able to post as you, and do anything that you would be able to do. So far as I know, the Powers that Be here cannot log you out from their end. You would, however, be logged out if another Doper logged in at that terminal as him/herself, and you would also be logged out if the machine in question has its cookies cleared, or is not set to accept cookies in the first place (both are fairly likely for a public terminal). If you’re worried about damage control, e-mail the admins with the time frame you were on, and preferably links to one or more specific posts you made in that time. That way, if suspicious posts start showing up under your name, they’ll be able to tell if they were made from that terminal.
You might also try changing your password, which might make that login invalid. But I don’t know if that would work.
All in all, I wouldn’t worry about it, since it’s unlikely that anyone will even notice, and even if they do, the worst they can do is post in your name.
I’m >95% certain that would work. Each time you click anything that requires you to be logged on, the message board software reads it’s cookie and compares the username and password stored therein and compares it to what’s on file in your registration. If there’s not a match, the action is disallowed. At least this is how all the PHP forum board sofware I’ve ever seen handles cookied login security.