Cookies Management at Kenjo

Modified on Mon, 12 Dec, 2022 at 10:48 AM

Ever wonder why you frequently get logged out of your Kenjo account? It is for your own security. By having to log back into your account after ending a session, we make sure that your sensitive company information is protected from third parties. Our cookies are configured to expire automatically, according to security guidelines, and with the goal to keep your data safe. This is the reason why you have to re-enter your credentials once in a while. 


In this article, you will understand this topic in more depth. 


TABLE OF CONTENTS


:cookie:What is a cookie?


A Cookie is a piece of data from a website that is stored within a web browser that the website can retrieve at a later time. Cookies are used to tell the server that users have returned to a particular website. When users return to a website, a Cookie provides information and allows the site to display selected settings and targeted content. 


Cookies also store information such as session information. This is done so that when users revisit sites, any information that was provided in a previous session or any set preferences can be easily retrieved. 


For more information on Cookies, you can visit this website.



:cookie:What types of Cookies are there?


There are different types of Cookies. The most common ones are the Session Cookie and the Persistent Cookie

  • Session Cookie is a cookie that is deleted when the browser is closed. It will stay if you open a new tab in the same browser, but it will be completely erased when the browser is shut down.

  • Persistent Cookie (aka Permanent Cookie) is a cookie that will stay alive after the browser is closed. Although this may seem the preferred way because you wouldn’t have to enter the password every single time you open the browser, it’s not a secure way of handling cookies.


:cookie: What type of Cookie does Kenjo use?


At Kenjo, we have followed the Cookie OWASP guidelines to ensure that our cookies follow the security standards of today. It has been highly recommended to use non-persistent cookies for session management purposes, so that the session ID does not remain on the web client cache for long periods of time, from where an attacker can obtain it.


:cookie:Why you need to log in every time to your Kenjo account?


Within Kenjo, Cookies are deleted after a certain amount of time. That is why a session in your desktop browser can last up to two days, then the Cookies are deleted, and the credentials have to be re-entered. 


For our mobile app, it is possible to have longer sessions. That is because, first, a mobile phone is typically locked when it's not being used. Second, the operations performed in mobile are usually short and limited, like requesting a time off or checking in using the attendance tracking. Third, you give us permission to store your data for two weeks instead of two days by clicking on "Keep me signed in". 


However, within the desktop app, it is more complicated than that, which is why we use Session cookies. 


:cookie:How long can I stay logged in Kenjo?


The session in Kenjo will last for 48 hours. This means that you can use Kenjo for two days without re-entering your password. Since we use a Session Cookie, if you close the browser, the cookie will be removed, and you would have to enter your password again.


We understand that this configuration could be painful at times, but to us the most important is to ensure that your data is safe at all times, that's why we strongly believe that following cybersecurity principles is key to be a trustful company. We rather be secure than putting our customers at risk. 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article