It looks like Shutterstock has incorporated a new login procedure that forces us to type in a worded code. (13 letters long!) This stinks, and is completely user unfriendly. I'm on a Mac, and have the ability to automatically log in, to all of the stock agencies on my keychain. But Shuttersock now prevents that. Come on Shuttersock, what's the  point? What's next? Provide a photo ID, at log in? A fingerprint? In my opinion, this is security overkill.

I only had to log in once and haven't had to do it again.  I don't mind them doing this if it increases security.

It depend on how your Browser handle the sessions but, usually, once you are logged in, let's say first time in the morning, you should be able to refresh the page without any need of re-type the password and Captcha.

bye!

Antonio

Quote from: rimglow on May 19, 2009, 13:14
It looks like Shutterstock has incorporated a new login procedure that forces us to type in a worded code. (13 letters long!) This stinks, and is completely user unfriendly. I'm on a Mac, and have the ability to automatically log in, to all of the stock agencies on my keychain. But Shuttersock now prevents that. Come on Shuttersock, what's the  point? What's next? Provide a photo ID, at log in? A fingerprint? In my opinion, this is security overkill.

If it increases security so much, then how come banks, don't require it? This is bureaucracy run amok.

IMHO is not for security, it is purely to limit the workload on the servers generated by tools like picNiche and LookStat that automatically and periodically access to the site to read sales and other statistical data.

From the Agency point of view this kind of traffic is pure bandwidth waste as:
1- don't add new contents on the site
2- don't generate any profit.

From the security point of view the agency might potentially argue a vague breach of the agreement because it is normally declared that login data are for exclusive use of the contributor and that cannot be give to anybody else (potential misuse of those data and potential risk for the contributors itself). Anyway... this specific matter might be subject to many different interpretation and my brief note are for sure not exhaustive...

That's my two cents on the matter.

bye!

Antonio

Quote from: rimglow on May 19, 2009, 14:34
If it increases security so much, then how come banks, don't require it? This is bureaucracy run amok.

I always find the text pictures hard to read. It sometimes takes me 2 or 3 tries to login... Is it a 1 or is it l ... What a pain.

Quote from: sharpshot on May 19, 2009, 13:42I only had to log in once and haven't had to do it again.  I don't mind them doing this if it increases security.

This is not about security but about pestering people. If they were worried about security, they would have had an https long ago.

Quote from: rimglow on May 19, 2009, 14:34
If it increases security so much, then how come banks, don't require it? This is bureaucracy run amok.

Because people don't give their bank passwords to third party web sites to ''track their activity"!!