Banks and other financial institutions whose websites do user hostile things in the name of security, such as log you out on one browser tab when you log in on another, reflect a *profound* lack of confidence in their own web security

Sites like Gmail must be among the most continuously attacked by some of the most sophisticated adversaries. Yet Gmail has no trouble with me logging in with multiple windows & tabs. In fact Gmail basically *never* logs me out *ever*

Not saying if Google can do it, so can you, because clearly they have incredible resources. But for fuck's sake, let me log into two tabs at once

@zcutlip That "security" is sometimes "job security": no one in their right mind would use JSF (that produces the exact behavior you describe) unless they can bill by the hour after they locked in the bank with their software built on a (brain)dead framework.

@buherator hmm interesting

bank websites are the worst 😡

@zcutlip I pulled my hair a lot because of that pile of shit until I found this article and while the tech remained the same, at least I started to understand the idea behind it:

"makes perfect sense when you are in the business of breaking stuff so people have to pay you for fixing it."

https://dzone.com/articles/why-you-should-avoid-jsf