"Keep me logged in" extended to one year

On Tuesday, 16 August 2016 around 15:00 UTC (8:00 a.m. PDT), the login sessions were changed so that they can last up to one year on Wikimedia sites. This will only affect users who select the option to "Keep me logged in (for up to $1 days)" on the login screen. Currently, this option lasts only for 30 days.

Users who do not check "Keep me logged in (for up to $1 days)" will not be affected by this change. You can log out sooner by clicking the "Log out" button in the upper right corner of your screen, or by clearing cookies for the website.

Questions

What is the reason for the change?

When users explicitly opt in to a longer session, it's useful to do so for longer than 30 days. Longer login lengths mean fewer problems with editors being logged out unexpectedly. The login length was previously much longer, and was shortened a few years ago to just 30 days as part of some other changes to how we handle cookies. Many users have requested a return to the longer length since then.

No, it does not.

Which wikis does this apply to?

This change applies to all WMF wikis in all languages, including Wikipedia, Wiktionary, Meta, MediaWiki.org, and more.

If my wiki shows the "Keep me logged in (for up to $1 days)" time period, will that be accurate?

Most wikis are using the default message, which says only, "Keep me logged in (for up to $1 days)", without specifying the maximum length of time. In that case, the message will remain the same.

If your wiki is currently using the message parameter, then the message will show the new length automatically. You will not need to change anything. Any wiki can choose to show the length by editing MediaWiki:Userlogin-remembermypassword to say, "Keep me logged in (for up to $1 {{PLURAL:$1|day|days}})". The software will automatically insert the correct length of time where the "$1" is in this phrase. If you want, you can copy and translate the example from the English Wikipedia for your wiki.

If your wiki is using a custom local message that has the time hard-coded (e.g., "Keep me logged in for a month", without the "$1" parameter), then please change this immediately to use the parameter instead. Using the parameter means that your users will always get accurate information about this setting.

Will existing login sessions be affected immediately?

Existing sessions will not be affected. Users will not be logged out early, and existing sessions will not be extended. This change will take effect the next time you login with "Keep me logged in (for up to $1 days)" checked.

Does this comply with the Privacy Policy?

Yes, the Legal team has verified that this change complies with the Privacy policy.

See also