Post Reply UWP app requires a login every month
7166 cr points
Send Message: Send PM GB Post
Online
Posted 7/22/16
I was watching an episode yesterday, when the playback suddenly stopped and refused to resume.
After waiting for a minute or so, I decided to return to my Queue and retry from there.

That's when the app claimed my Queue was empty, and that I needed to login first.
This happened on my Windows phone. I was wondering if it had affected my PC too, so I launched the app on my desktop. Interestingly, the queue wasn't empty, but that's because the app doesn't seem to refresh when it should.
I decided to look at my History, and that's when I had to log back in on my PC as well.

Since this had never happened to me before (when I still had to use the Windows Phone 7 app), I decided to have a look at My Devices. That's when I noticed that it has been exactly 1 month since I had registered my phone and PC via the Windows 10 UWP app.

Can we expect a fix for this issue? At the very least, I don't want to be logged out automatically while I'm still watching a video. Ideally, I don't want to log in at all, unless I'm using a new device.
7166 cr points
Send Message: Send PM GB Post
Online
Posted 8/22/16
Another month, another need to login again.
The previous app was better, except it only worked for Windows Phones.
7166 cr points
Send Message: Send PM GB Post
Online
Posted 9/21/16
So, after 2 months and 2 posts there's still no answer. Am I really the only person whom this issue bothers?
58686 cr points
Send Message: Send PM GB Post
30 / M / Dallas, TX
Online
Posted 9/25/16

Nolonar wrote:

So, after 2 months and 2 posts there's still no answer. Am I really the only person whom this issue bothers?


A login once every 30 days or so doesn't seem to be too big a deal.

I wonder if this is an intentional change, in order to keep people who don't know passwords from staying logged into an account that isn't theirs.
7166 cr points
Send Message: Send PM GB Post
Online
Posted 9/25/16

eyeofpain wrote:
A login once every 30 days or so doesn't seem to be too big a deal.

In my case it is kind of a big deal. My password contains 17 characters of upper-/lowercase letters, numbers, and special characters, and is therefore easy to mistype. It's already a pain to type in on PC, and since I use Crunchyroll mostly on my phone, it is doubly painful. The last time, I had to type my password 3 times.



eyeofpain wrote:
I wonder if this is an intentional change, in order to keep people who don't know passwords from staying logged into an account that isn't theirs.

I doubt that it's intentional. If it were, it would at least wait until I'm done watching my anime instead of kicking me out right in the middle of it.


Besides, what would be the point?

If the intruder knew my password, there'd be no point in kicking them out every 30 days.
If they got access to my phone, what harm can they do? I can't access the store via the UWP app anyway. At worst they'd mess up with my queue. If that happened, I'd better contact Crunchyroll than wait 30 days, no?

Even if security was the reason, it's not like the internet was invented yesterday. Almost every site renews your login session every time you login. Among them are a lot of sites that need to take security a lot more seriously than Crunchyroll. For instance Steam; I just need to lose my Laptop, and people could buy gifts using my credit card and resell them, no login required. And Steam's just one example among thousands of much more popular services.
So if Steam doesn't bother to log me out every month, why should Crunchyroll?
The Wise Wizard
100963 cr points
Send Message: Send PM GB Post
56 / M / U.S.A. (mid-south)
Offline
Posted 9/25/16

Nolonar wrote:

In my case it is kind of a big deal. My password contains 17 characters of upper-/lowercase letters, numbers, and special characters, and is therefore easy to mistype. It's already a pain to type in on PC, and since I use Crunchyroll mostly on my phone, it is doubly painful. The last time, I had to type my password 3 times.

Have you considered using a password manager?

7166 cr points
Send Message: Send PM GB Post
Online
Posted 9/25/16

TheAncientOne wrote:
Have you considered using a password manager?


Not really. When it comes to passwords, I tend to be very cautious and distrusting. It's the reason why I use different passwords on every site I visit.
I'm not going to use a password manager unless the developer is someone I know and trust well enough. As for those I know and trust well enough, the closest thing to a password manager is whatever they built into their browser. Unfortunately, on Windows Phone I can't access those passwords, so no copy-pasting for me.


But it's okay. If Crunchyroll doesn't want to fix this issue, I'm not going to press any further. I just find this lack of communication impressive.
Next month I'm going to send them a support ticket and see what the official answer is. It's a bit overkill, but if that's the only way to get the staff's attention...
58686 cr points
Send Message: Send PM GB Post
30 / M / Dallas, TX
Online
Posted 9/26/16

Nolonar wrote:


TheAncientOne wrote:
Have you considered using a password manager?


Not really. When it comes to passwords, I tend to be very cautious and distrusting. It's the reason why I use different passwords on every site I visit.
I'm not going to use a password manager unless the developer is someone I know and trust well enough. As for those I know and trust well enough, the closest thing to a password manager is whatever they built into their browser. Unfortunately, on Windows Phone I can't access those passwords, so no copy-pasting for me.


But it's okay. If Crunchyroll doesn't want to fix this issue, I'm not going to press any further. I just find this lack of communication impressive.
Next month I'm going to send them a support ticket and see what the official answer is. It's a bit overkill, but if that's the only way to get the staff's attention...


KeePass is an open-source (meaning people are able to look through the code and find any vulnerabilities) password manager, which has several contributed ports for mobile devices, including Windows Phone. KeePass uses a local database only, as opposed to something like LastPass, which syncs passwords to a cloud-based account, so you decide how that database file is shared. There are other open-source password managers, but I'd recommend doing your own research if you're that paranoid about password security.

How are you currently keeping track of all these long passwords? Even if you don't change them often, that's still a lot of passwords unless you specifically avoid creating accounts at different sites. If you're using the built-in password storage in browsers, that's not going to be as secure as a dedicated password manager.
7166 cr points
Send Message: Send PM GB Post
Online
Posted 9/26/16

eyeofpain wrote:
How are you currently keeping track of all these long passwords? Even if you don't change them often, that's still a lot of passwords unless you specifically avoid creating accounts at different sites. If you're using the built-in password storage in browsers, that's not going to be as secure as a dedicated password manager.


I don't remember the password per se, only how I "made" them.
Basically, I just choose a bunch of words which are easy for me to remember, then I "encrypt" them in a way that introduces special characters, and numbers, and mixed lower-/uppercase letters.

The only downside is if a site imposes a character limit, like "maximum 8 characters" or "only alphanumeric and _-., (space)", everything goes to hell and I have to remember the password. Luckily, there aren't many of those sites, and they're pretty much all sites I don't care for much anyway, so it's no big deal even if I forget them.


PS: Thanks for the recommendation. I'll check it out.
58686 cr points
Send Message: Send PM GB Post
30 / M / Dallas, TX
Online
Posted 9/26/16

Nolonar wrote:


eyeofpain wrote:
How are you currently keeping track of all these long passwords? Even if you don't change them often, that's still a lot of passwords unless you specifically avoid creating accounts at different sites. If you're using the built-in password storage in browsers, that's not going to be as secure as a dedicated password manager.


I don't remember the password per se, only how I "made" them.
Basically, I just choose a bunch of words which are easy for me to remember, then I "encrypt" them in a way that introduces special characters, and numbers, and mixed lower-/uppercase letters.

The only downside is if a site imposes a character limit, like "maximum 8 characters" or "only alphanumeric and _-., (space)", everything goes to hell and I have to remember the password. Luckily, there aren't many of those sites, and they're pretty much all sites I don't care for much anyway, so it's no big deal even if I forget them.


PS: Thanks for the recommendation. I'll check it out.


So, basically 13375p34|<?
7166 cr points
Send Message: Send PM GB Post
Online
Posted 9/26/16

eyeofpain wrote:
So, basically 13375p34|<?


Yes. I use leetspeak to substitute some letters for numbers, like "o" -> "0" (zero), then I type with an offset. So instead of typing "0" I type "p", and instead of "m" I type "9". If I intend to type a capital "M", I hit shift and "9", which gives me an opening round bracket.

It's simple enough to remember and can yield some incredibly complex passwords. It does bind me to a very specific keyboard layout, though, which makes it particularly difficult to use on devices with virtual keyboards, like phones or consoles.
I do know my keyboard layout by heart, but it takes a long time for me to remember it, hence why logging in on a phone isn't very convenient for me.
You must be logged in to post.