It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to logout / TOO persistant login Edited

Dear ATLASSIAN / atlassian Community :

I have a very simple question :

How to definitely and unequivocally logout of this website ? ( )

Due to the nature of my work, I must quite frequently work on workstations that are not exclusively mine.  Also in our office some workstations are not exclusive .

After the (not-so-) recent change to the login method for ATLASSIAN products, we find it almost impossible to logout.  an automatic login will always occur with the last used ID/PWD.

Unless I / WE miss some absurdly obvious function or link ( and in that case - apologies )- The "logout" link is simply misleading in nature.

e.g. :

  • Two of my co-workers / colleagues signed-in in an airport lounge - and then took them almost an hour to try and reset the login - without success.
  • In our office - we are all forced to use ONE single username of the first unlucky user that logs in.
  • ..and even a personal laptop / workstation can not be left always logged-in.

All of the above scenarios can be considered as a very serious security threat. and I can count many more.

Deleting cookies / local storage does not seem to help - apparently they are set on multiple / separate domains and fiddling with them is not what anyone as a simple user should do - even if could.

In some instances cookies deletion will cause `404` errors like :

Not Found

The requested URL /simplesaml/module.php/core/no_cookie.php was not found on this server.

Answers like this one does not seems very helpful as we are not expected to mail / post thread every time we want to logout ... ( BTW - lots of questions about this issue. maybe a hint ?? )

I would also have expected to have a clear and precise warning to users of the fact that the login is persistent and can not be actually revoked on "logout" .

Again - if there is another method / function / link to do a real and persistent "logout" with cleaning of all residues - Then I apologize for the thread and please point me to the right direction.

But if there isn't any - Then I would definitely expect to be able to securely logout of any account at any moment I so desire.

Edit : Small addendum :

If indeed some function to clear all session exists - I would also expect to transparently EXPOSE it to users - as I wrote above - It seems we / I am not the only one(s) that search for it .... .


1 answer

0 votes

What have you done to the browser?  The session information is kept by a browser and cleared if you click "log out" under your profile.  This works for me in all three browsers I usually use, so I have to ask why yours is behaving differently/

Nothing special done to the browser, I also tried it on several different browsers. Click logout and then login again - and no ID / PWD is asked.  just logged immediately. I do not think that we are the ones doing anything wrong..

Is there any progress or answer on this issue ?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bitbucket

Bitbucket Server 7.0 is here!

Hello Community, I’m Anton Genkin, a product manager on the Bitbucket Server and Data Center team and am excited to share that Bitbucket Server 7.0 is now available! It's a platform release, one th...

1,005 views 6 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you