Welcome to the mailbox.org user forum!
 
New Topic
mailbox.org SupportTopicIdeaGeneral information
Properties
Category General information
Tags session, timeout, logout

Session times out two times a day

Zsolt Donca shared this idea 2 months ago
Proposed

My mailbox.org session times out about two times a day, and having to log in twice is very annoying. Why can't it stay logged in for a reasonable amount of time like any other modern web app?


In the general security settings, I have "Automatic sign out" set to "Never". I understand that a literal "Never" is not practical actually a technically feasible way, but ~4 hours instead is way too short.


I would like my mailbox.org session to keep me logged in at least for a week, and ideally even for more.

8 I like this idea 0  

Replies (4)

photo
1
Maximus 58 days ago

I'm on Beta and am logged out constantly - every time I close my browser, and when I disconnect and reconnect (or am disconnected from) the internet. This didn't happen for me on the standard platform, as it respected the "automatic sign out - never" setting. But perhaps it's not a beta thing after all...maybe this is happening more frequently for everyone. It's a real hassle to be opening my password manager multiple times a day (as I intentionally don't save passwords in my browser), and inserting 1) user name and main password 2) 2FA code 3) Guard password ... then dealing with signing out of ghost sessions that were created by Mailbox.org signing me out without my permission, and then finally resuming my work.

I have already submitted feedback to support staff on this, but nothing has improved.

Reply
photo
1
Zsolt Donca 56 days ago

I am also on the beta. Maybe that's why it started happening? I have opened a helpdesk ticket also, but so far there has not been any resolution.

photo
1
Zsolt Donca 55 days ago

Mailbox behaves the same in Chrome with all extensions disabled as it behaves in Firefox: I had Mailbox prompting me for my credentials at least once a day.

photo
1
Maximus 52 days ago

Today I noticed that the main settings screen stayed logged in, while all the other open tabs (docs, email, etc) did not. If users are in the middle of working on something like an important document, and Mailbox logs them off against their wishes, remaining logged into the settings menu is not helpful. I have no idea who is troubleshooting this on the team's end (if anyone), but noting this nuance here for the record.

photo
1
Smedley Butler 3 days ago

I'm glad that I'm not the only one seeing this issue. I agree, it's a real pain having to open my password manager, etc. to log back in every time I want to check my emails.

I'm coming from Protonmail where once I logged in, I stayed logged in until I signed out.

Sure hope this gets resolved soon.

photo
2
zapata 2 days ago

I think mailbox.org have stated that this is not a bug (but a security feature) and they won't change/fix it. If this is true then they at least should remove the option "never" for "Automatic Sign out".

photo
1
BaLa 2 days ago

I rarely reboot my PC and being signed out every day or so is truly beyond annoying.

The "automatic sign out: never" option does absolutely nothing. Security feature my ass - unless the Germans understand "never" differently than the rest of the world.

photo
1
9701005 2 days ago

Well, I thought 2FA is the critical addition to security.

For me it's a real annoyance since I have to login in on each machine (business & private) at least once per day. I just hibernate (more correct: hibernate on Windows, stand-by on MacOS) either computer keeping their OS sessions for a reason. Maybe mark the option "never" as "not recommended" but leave it in working on behalf of my own risk.

I suppose the prior session time outs (4 or five days from memory) much more balanced in terms of overall security since I now have to unlock my KeePass database every day twice (which I have set to lock with every hibernation, again on purpose because that's my critical box of secrets).

Ironically, on iOS' Mail app I have mailbox.org as one of my integrated accounts. There nothing has changed though that's not my primary way of access to mailbox.org's mail service.

photo
2
ce72 2 days ago

Yes, this is a major issue for me too. Coming from googlemail, I am used to always have an open browser tab for my Email, which will not work for me, if I need to log in each time. It is an annoyance!

I raised a ticket in March and became the answer that they will pass my request to their product manager who will decide, which might be a complex and lengthy process...

Maybe it helps to raise a ticket on your own, so that eventually mailbox.org will hear their users.

photo
1
BaLa 2 days ago

I've opened a support ticket as well. These constant logouts are seriously annoying.

photo
1
9701005 2 days ago

@ce72

for me it's yet to early for "ticket bombing". Mailboy.org remains a (very) small business even for Germany's standards. ^^

And right now they've just got overrun by new customers trying to get away from large scale cloud providers, which is a bigger challenge from business perspective for sure.

Though it has taken quite some time in the past to address (and solve) some issues just via this forum, it has worked out many times. I'm willing to wait another couple of weeks before entering the official ticket route.


Edits: paragraphs

photo
1
9592406 2 days ago

It doesn't sound like their support ticket system works anyways. I've entered this issue as a ticket several days ago but it shows I have 0 tickets.

photo
2
mailbox.org Support 38 hours ago

Hello.

Currently, a Login 2.0 session allows an idle time of 8 hours and a maximum session extension of 4 days. We have already increased the values. We are planning to increase these values a little. But we have to check this first.

I will create a ticket so that the “never” option for automatic logout is removed, as it does not work with Login 2.0. Individual session lengths are not in scope for Login 2.0. We can only make global changes.

@9592406 You can also write an email to helpdesk@mailbox.org to open a ticket. Please let us know the ticket number for the ticket that is not displayed so that we can check why you cannot see it.

Your Mailbox.org-Team

photo
1
BaLa 36 hours ago

"idle time of 8 hours and a maximum session extension of 4 days"

That's an extremely strict setup for people who actually sleep, as it requires at least one, if not more log-ins on a daily basis.

I don't think I'll enable 2FA anytime soon with the constant log-in requirement. It's damn annoying... Can you at least let people stay logged in for a week if you need to forcibly log them out at all?

Something like: "24 hours of idle time and a maximum session extension of 7 days". Still not perfect, but at least semi-usable... Seriously, who wants to be logged out of their email all the time?

photo
photo
1
9592406 2 days ago

I have to login multiple times a day ever since switching to the login.

I had to turn off 2FA because this is already extremely time consuming, and interrupts the work flow

Reply
photo
1
Robot API 27 hours ago

Initially I thought this was my self-destructing cookies plugin, but I've whitelisted the entire domain and others are reporting the same issue - so it's an Mailbox.org problem. Specifically, it can't become my default primary account if it logs out on its own and thus I lose desktop notifications from my browser.

Edit: For now, I've set up mailnag as an IMAP solution. Not sure what the Windows or Mac equivalent would be.

Reply
photo
5
Hendrik Schlange [mailbox.org] 17 hours ago

Hey,
we did start with conservative values in terms of session lifetime, as we wanted to guarantee stability when scaling up the Login 2.0.

Of course we know that logging in multiple times a week (or even per day) is annoying, and we want to improve the user experience. So for now, we increased the lifetime of a session to 16 hours (while keeping it capped at 4 days). This means, that as you can stay logged in for up to 4 days now as long as you are active every 16 hours. This should reduce the number of fresh logins needed to around 2 per week instead of 2 per day.

We actually want to increase the session lifetime even further than that, but we have to carefully monitor the system, as we're moving thousands and thousands of users per day to Login 2.0. Once the migration is done we're at more liberty to act here and improve on the session times.

I hope I could clear things up a bit.


Hendrik

Reply
photo
2
Maximus 17 hours ago

Thank you for that update Hendrik! Very helpful. More proactive communication from the team for private customers would be appreciated moving forward. Imagine a culture at Mailbox.org where this log in limitation would have been communicated in advance (without waiting for complaints to stack up). Or a culture where the team isn't getting pinged with the same help desk questions over and over because problems are immediately communicated to everyone, along with proposed solutions and timelines.

photo
2
Hendrik Schlange [mailbox.org] 15 hours ago

Hi Maximus,

I totally agree. In fact, the plan to increase the session times is months older than this thread. It's just, as described, we are working within rather cautious limits right now.


Best,

Hendrik

photo
1
9701005 11 hours ago

Hi Hendrik,

thanks for the detailed response. 16to48-hours conditional session timeout is a welcomed (next) step for me.

Though this issue is/was a nuisance to some (like me ^^), overall the migration appears to process well. I hope/wish this is a valid sign to incrementally increase the account numbers for each remaining migration run.

Good luck!

photo
1
9592406 10 hours ago

Thank you Hendrik. Note that it's not only about the length of inactivity, but also about not being able to close the browser. For me it seems to time out every time the browser closes, wether I close it on purpose, or because there was too many apps opened on my phone and browser got unloaded. It didn't use to do that with the previous login.

Thanks

photo
Leave a Comment
 
Attach a file
© 2025 mailbox.org
You can't vote. Please authorize!