 |
June 22, 2013, 02:57:49 PM |
|
Increasing your idle time-out increases risk in cases where somebody else has access to your computer. The highest risk is when using a shared computer, say at a library or university computer lab, where any old random stranger could sit down at the computer as soon as you step away. If you were logged in, forgot to manually log out, and left the computer, a longer idle timeout means a larger window for somebody else to mess with your account. (I consider it a bad idea to log in to something like Mt. Gox from any shared computer at all, and not just because of the idle timeout. If it's a machine you don't control, it's a machine you can't trust.)
On your home computer, it's obviously less of a concern, but keep in mind that even if you trust everyone in your household not to steal your money, you also have to trust them not to think it'd be funny to change your Mt. Gox password or something like that.
Regardless of where the PC is or who it belongs to, if it's been compromised in certain ways - if somebody has remote access to your system without your knowledge, for example - increasing your idle timeout increases your risk. For most breaches, though, idle timeout will be the least of your concerns. Keyloggers and BTC-stealing trojans are a lot higher on the list.
One thing you don't have to worry about: an increased idle timeout will not make it any easier for somebody to guess or crack your password.
As a point of reference, I have my idle timeout set to two hours. I only ever log on from one trusted computer, which nobody else has physical access to, and I never leave myself logged on when I leave the building.
|
