> If you look at the login page you will notice, very prominently, the
> following
>
> --clipped--
> If you prefer not to set a cookie, use this login button instead:
> "Login without setting a cookie"

Ever actually tried it? It's an amazing pain to use.

The thing is, cookies can be designed with short expiration dates. A one-day
login shouldn't be unreasonable as a site default.

I admit that as a list owner, it's awfully convenient to log in without my
password every day. But I would be entirely willing, in fact eager, to have
logins be short-term for my subscribers, even at the price of having to come
up with my own password on a daily basis.

My eagerness is the result of three considerations:
1. I have problem subscribers I can't identify unless I start a renewal
system.
2. I have established that passive renewals don't do anything about failing
addresses, and nobody on the list has been able to explain why.
3. I have tried non-passive renewals on my own subscriptions, and discovered
that the persistent logins usually cause the confirm-command link in the
renewal message to fail, because when I hit it, I am logged in with a
different address.

The combination is one I can figure out, because I've been managing this
list for over a year, but I haven't been able to draft an explanation I can
expect all of my subscribers to understand.

Hal Keen