At least it is not political!
2nd. attempt! Local storm took out the power and now a couple of brown outs where the PSU kept the computer going!NatWest push Trusteer Rapport security software when you access their site. Up to now I have ignored it but they have started shutting down my access on a spurious no activity in the last 10 minutes message.
I'm using Firefox and the problem is particularly noticeable if I click on the *allow new page* option.
Is it them or me?
Any thoughts?
Not sure. Santander pushed Rapport on me some years ago, I subsequently ditched it because of problems which I don't recall.
My impression is that most banks and people like HMRC will now log you out after about 10 minutes of inactivity to improve security.
I use NatWest and don't seem to have had that problem. yes, they will time out but not spuriously.
I don't use Rapport because I run Firefox on FreeBSD!
I also use NatWest, and Firefox (albeit on Windows 10). I haven't used Trusteer other than for a few months when it was first laucnhed. I have no problems. But I also don't even see an "allow new page" option - only the "Do not refresh my screen on timeout" option for users with special needs. I don't use that (on VM cable in London so no need).
If it helps, send me your phone number and I'll get a personal banker to call you and do you...
In my case it was because an update to the paid for version of AVG I use somehow interacted with Rapport the effect of which was to block access to the WWW via IE, . Sometime around April 2016
I tried to get an answer out of Nat West that if my account got hacked in anyway that removing their Rapport could be taken as being negligent in any subsequent claim after telling them the reason I was removing it. The answer I got was that they would not if I had taken reasonable precuations but I have never been really satisfield with the answer, perhaps I should do it by email and save any reply
Nat west has timed out for the fair number of years now I have had online banking but to be honest I have never actually timed it.
G.Harman
Not sure about your problem, but whatever you do, *do not* install the Trusteer software unless you want to cripple your PC.
Them. They seem to think we are all expert typists and that even goes for putting card numbers into telephone keypads. I often wonder if they really want to give us access to our money. I tell you there is a lot to be said for mattress stuffing. Brian
Hmm.. ISTR trying it with W(xp) and then dumping it on advice from others. I don't recall any actual problems.
This is W7 pro on 32 bit.
Log in goes OK but well within the allowed 10 minutes no activity limit, auto logs out.
I am tempted to try Trusteer on the basis it can always be removed.
En el artículo , Tim Lamb escribió:
I believe it is very difficult to uninstall completely. You might want to install it under the eye of something like Revo Uninstaller.
Last time I looked, Trusteer was owned by IBM, which is reason enough not to use it. It is known to have had serious vulns in the past.
I also found the description of Rapport's workings rather opaque. I don't install software I don't trust, especially when it's watching me log into my bank.
YMMV.
In message , Mike Tomlinson writes
Hmm.. Increased nervousness alert! Perhaps I'll struggle on for a bit and hope things get better.
I raised a complaint with NatWest but they came back with a *no issues found* response. (This is a business account) I might do better contacting the business banking advisor for off record stuff.
I still settle most invoices by cheque so this is not a huge issue...yet!
HSBC have also logged people out after some time of nothing happening. Sounds fair to me, if you're not doing anything, why clog up the pipes?
And they do put up a pop-up telling you they're about to log you out and asking you if you want to stay logged on.
Precisely. You're consuming resources on the server by sitting there with a logged-on window.
I don't think it does "clog up the pipes". When you log in a cookie is set in your browser if the cookie exists and is still valid subsequent page requests will be honoured, if not you will be prompted to login again on your next request. Logging you out just involves deleting your browser cookie.
When HSBC want to log me out due to inactivity they create a pop-up asking me if I should be logged out or not. If I don't respond in a certain time then I'm forcibly logged out.
Yes it does. There's context on the servers relating to your session, which has to be maintained the whole time you're logged on. OK, there's not a lot of it, but there may be hundreds of thousands of people logged on at the same time.
I thought a timeout was also a regulatory requirement (to reduce the risk from people walking off without logging off).
No. In all probability you are not.
Web based transactions are stateless. The only way the server 'knows' that you are who you are is via a cookie given to you by the server and stored in your browser.
You browser may maintain some open connections at the TCP socket level. but often it does not, and these are in any case relatively low resource low level entities. More so than originally since one connection can support multiple parallel requests. This reduces socket creation/destruction during the session.
In short what seems like an 'open' session is in fact already ceased and gone away. By pressing a key you reactivate it and send your cookie back to the server, which, if the cookie is still valid, will return you to where you were. If the cookie has timed out, it will not. It will probably take you back to a 'login again' screen.
is a reasonable overview of why cookies are needed to retain state - i.e. 'logged in'
So AT THE MOST one active TCP socket on a modern server, which is a few kBytes of RAM, suspended waiting to be rescheduled on interrupt if a packet destined for it is received, so taking up no CPU cycles at all.
Its not an issue of resources. An idle session consumes (almost*) no bandwidth .
Its a question of secuirity, as anyine who has left an unattended screen in an office knows, its all tro easy for kokers and indeed indenity thieves to come along and do what they want using youur credentials.
The default assumption is that if a session is idle, there is no one at the far end is pretty reasonable. And if someone wanders up and tries to use it, then they ought to have the password.
*might get a TCP keepalive packet of a few bytes every few minutes+1
It is.
No hugh, that isnt clogging up the pipes.
That isnt even clogging up the server.
Havin written applications, the table in te darabase that holds your detials will simply have one field set to the current cokkie value.
That field exists whether or not you are logged in. So no extra resourecs are used seeting t to your 'session'
WHERE you get back TO is determiend by te URL you cick on to refresh. And thats in your browser, not in the server.
Whether you are allowed to access it is determined by whether the cookies is still vcalid.
OK, there's not a lot
to hold a cookie session ID and a timestamp in a users file is maybe 100 bytes. Space that will always be allocated anyway.
So holding a session 'open' consumes no more extra than a few TCP keepalive bytes, if your browser decides to stay connected.
The illusion that you are 'logged in' is just that - an illusion. In reality you have walked out the door holding a ticket to get back in - the cookie - and the doors are shut anbd locked behind you.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.