• Resolved akt01

    (@akt01)


    Hi,

    The standard login cookie expiration time interval is 14 days, so when a user logs in and forgets to log out, the account will expire in 14 days, and the user needs to re-login.

    While it is nice to extend the expiration time to 1 year, it opens a potential security issue, where if the user forgets to log out, the account will remain logged-in for a year!

    I’m wondering is it possible to keep the standard 14 days expiration time in the cookie, however renew it every time a user is active on the site (e.g., loads a page). So if the user is active every day, the expiration date will keep getting pushed down, and the user will be logged-in indefinitely. But if the user becomes inactive and forgets to log out, the account will expire 14 days since the last active time.

    Thanks

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author lukeseager

    (@lukeseager)

    Hi there,

    Thank you for getting in touch and for using the plugin.

    You can actually achieve this functionality through the premium version of the plugin. Setting the remember me period to 14 days will keep people logged in forever as long as they return within 14 days each time.

    Alternatively, on the free version of Persistent Login your users can visit the ‘Your profile’ page in the WP Admin and end any session they’d like to, should they forget to log out of a device.

    I hope this helps!

    Thread Starter akt01

    (@akt01)

    Hi @lukeseager,

    Thanks for the quick reply!

    It’s nice to have the ability to end sessions. Just a thought, it would be nicer if it’s on the frontend instead of the wp-admin profile page for non-admin users, not sure if this is possible…

    About the Remember Me logic, I thought the logic is the period (e.g., 14 days, or 365 days) starts when the user logs in, and is not renewed. So if a user logs in on January 1st, checked the Remember Me option (with 14 days period), then on January 15th the user will need to re-login.

    Are you saying that the plugin modifies this behavior, so that the cookie expiration will be continually updated indefinitely? You mentioned that this happens as long as the user “returns”. Can you be more specific on what condition exactly triggers the renewal of the session cookie? For example, on any page load? Other?

    Thanks!

    Plugin Author lukeseager

    (@lukeseager)

    Hi there,

    Front end session management is available in the premium version, there is a block you can place on any page that will show the current user’s sessions in a table, and allows them to end them from the front end.

    You are correct, the default WP logic is that your session will expire after 14 days, even if you visit the website again within 14 days. WP Persistent Login alters this, so that every time the user visits your website their login session is extended by 365 days (or the custom length of time set in the premium plugin). Meaning that they should never be logged out, unless the user is particularly inactive on your website.

    When I say ‘as long as the user returns’ it simply means if they visit your website. Every time the user’s login is validated by WordPress, we extend their login cookie and session to last another 365 days (or the custom setting in the premium plugin). I believe WP checks a user’s login is valid on every request if the user is logged in, this is default behaviour in WP.

    I know I’m mentioning the premium version a lot, I just want to say that this isn’t a sales pitch. The plugin/a website could be extended to achieve this functionality without purchasing the premium version, with the right knowledge. But these features are available if needed in the premium version.

    I hope this helps.
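
The sliding expiry discussed above (a 14-day window that restarts on activity, so an abandoned session dies 14 days after the last visit), as an added example that is not part of the original thread and is not Persistent Login's code. The `mysite_` names, the choice of the `init` hook and the once-a-day renewal throttle are assumptions made for illustration; the WordPress functions called are core APIs.

```php
<?php
/**
 * Plugin Name: Sliding login expiry (illustrative sketch)
 * Hypothetical mu-plugin: keeps the 14-day "Remember Me" window but
 * restarts it whenever the logged-in user makes a request.
 */

define( 'MYSITE_IDLE_WINDOW', 14 * DAY_IN_SECONDS ); // idle timeout (assumed value)

// Pin the cookie lifetime for "Remember Me" logins to the idle window.
add_filter( 'auth_cookie_expiration', function ( $length, $user_id, $remember ) {
    return $remember ? MYSITE_IDLE_WINDOW : $length;
}, 10, 3 );

add_action( 'init', 'mysite_slide_login_expiry' );

function mysite_slide_login_expiry() {
    // Cookies can only be re-issued before any output has been sent.
    if ( ! is_user_logged_in() || headers_sent() ) {
        return;
    }

    $user_id = get_current_user_id();
    $token   = wp_get_session_token();
    $manager = WP_Session_Tokens::get_instance( $user_id );
    $session = $manager->get( $token );
    if ( ! $session || ! isset( $session['login'], $session['expiration'] ) ) {
        return;
    }

    // Sessions created without "Remember Me" last 2 days by default; leave
    // those alone so an unticked box still means a short-lived login.
    if ( $session['expiration'] - $session['login'] <= 2 * DAY_IN_SECONDS ) {
        return;
    }

    // Throttle: skip the usermeta write and Set-Cookie headers unless at
    // least one day of the window has been used up since the last renewal.
    $remaining = $session['expiration'] - time();
    if ( $remaining > MYSITE_IDLE_WINDOW - DAY_IN_SECONDS ) {
        return;
    }

    // Extend the server-side session record first, then re-issue the auth
    // cookies for the SAME token so no additional session is created.
    $session['expiration'] = time() + MYSITE_IDLE_WINDOW;
    $manager->update( $token, $session );
    wp_set_auth_cookie( $user_id, true, '', $token );
}
```

Both the session record in user meta and the cookie carry an expiry, which is why the sketch updates the two together; ending the session from the profile page still invalidates the token immediately, whatever the cookie says.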

    Thread Starter akt01

    (@akt01)

    Hi,

    Awesome. Looks like the plugin (especially with Premium features) has nice features with the frontend Block for user’s session management, and can handle session cookie renewals at each page/http request, which seems to be the right way to handle login cookies (unsure why this is not the default behavior for WP).

    Thanks for the quick and helpful feedback! Best wishes for the plugin!

    Thread Starter akt01

    (@akt01)

    Btw, I cannot find any website for the plugin to check the pricing, but see that the free version seems to install Freemius for premium upgrade purchase within wp-admin.

    I have a few follow-up questions:
    1. Is there an option to not install Freemius, and just install the plugin files (free or premium).
    2. How will the plugin impact the site performance like loading speed, etc., if it performs checks and cookie renewal on each request, will it cost some speed?
    3. Looking at the pricing, if I understand correctly, it’s ~$50/year (yearly not lifetime license, for 1 site), which seems quite high compared to many more major plugins that have much more functionalities. Am I missing something, or is it correct?

    Thank you

    Plugin Author lukeseager

    (@lukeseager)

    Hi there,

    No problem at all, happy to help.

    The website for the plugin is https://persistentlogin.com/ if you’d like to take a look.

    1. I’m afraid not, the plugin is integrated with Freemius, it would be technically possible to remove Freemius from the free version, which is certainly okay to do with the GPL licence. But this would require quite a few code updates to get it working correctly.

    2. Every plugin will have some effect on performance, but persistent login is typically quite minimal. WP already checks if a user is logged in on each request, persistent login hooks into that to add a little more logic to it, but the code isn’t likely to slow down your server too much. Persistent Login does count the number of logged in users twice a day, this is probably the most resource intensive part of the plugin. However, this is completed as a background task. Users are counted 300 at a time, but this figure can be tweaked using a PHP filter.

    3. You are correct about the pricing. Plugin pricing does vary dramatically from product to product, you’ll probably find popular plugins that sell in their millions are priced quite cheap because they’re looking for volume sales. Persistent Login is very niche, it is (I believe) the only plugin that does what it does. I do appreciate the pricing may be higher than some other plugins and it may be something I address in the future if the plugin takes off, but I’m not expecting it to because, as I say, it’s quite niche.

    Thread Starter akt01

    (@akt01)

    Thank you for the reply and link to the site.

    1. I see, just a thought if I may, it might be nice to not have Freemius especially for the premium version. Although it’s probably not an actual risk, it feels a bit intrusive to have Freemius installed into wp-admin.

    2. I see, it sounds like a reasonably lightweight addition to WP’s login check. Good to know about the scheduled background task, got it.

    3. Yeah, I see, that’s a bit unfortunate, but I understand your challenges. Perhaps partnering with higher-volume companies might be beneficial for everyone (just a thought).

    Anyway, thank you for the helpful comments, and good luck for the plugin! Nice talking with you.

    Plugin Author lukeseager

    (@lukeseager)

    Hi,

    Thank you for the comments and feedback. For the time being Freemius is required as it handles the upgrade and renewal process, but in the future I may look at a homespun solution.

    Thanks,
    Luke

  • The topic ‘Persistent login with standard-level security’ is closed to new replies.