To make sure our databases run smoothly, we’ve made an update to how the login timeout works. Any user who has been inactive for 4 hours or more will automatically be logged out, unless you check the “keep me logged in for 2 weeks” box on the login page.
For more details on the change, please check out our update here.
With all due respect and genuinely trying to be constructive, you should fix whatever it is that’s performing so poorly in your database infrastructure instead of cutting down on features to keep the thing trudging along. Such a short login timeout is something I haven’t seen outside of banking and military websites.
You’ve already removed the review API over a year ago because the database couldn’t handle it, now you limit sessions to a few hours. And I can’t even make sense of the technical justification: if you need to keep tabs on what users are active, why not base it on the last lessons/reviews instead of login time? And if everybody can just opt into a 2 week timeout anyway, how does that even help? Why does having a cookie in your browser have an influence on your database performance anyway? What about people who use apps through the API? I can’t even fathom how that would work.
And honestly if somebody wants to use my account to do my reviews for me I’d say let them, security be damned.
I don’t get why the WaniKani team is struggling so hard with that stuff. There are dozens of language learning sites that offer SRS on vastly bigger datasets and they don’t have these issues despite often offering more features. Take Clozemaster for instance, it looks like a website that was coded in a weekend, it offers dozens of languages and hundreds of thousands of items (for free) and, guess what, I just opened the website for the first time in a year and I’m still logged in, with over 9k Russian reviews waiting for me. Clozemaster also offers configurable SRS intervals, better stats and a bunch of other things that WK doesn’t have and that would add to the database load.
Handling a few hundred review events per user per day shouldn’t be a technical challenge in 2024. It would barely have been a challenge in 2004. You could probably use SQLite and it would work just fine. In fact that’s kind of what Anki does.
I feel bad always complaining about the technical side of WK in these forums, and a login timeout is not the end of the world, but frankly as a software dev myself I’m just baffled by the insane technical debt that seems to plague this platform. Dropping a login timeout to 4h should be seen as a temporary workaround while you work on solving the underlying issue, not a long-term solution for a problem I can’t even comprehend exists in the first place.
The content of WaniKani is generally good and always improving thanks to the regular (and appreciated) content updates. Stop letting this codebase and poor DB management drag you down.
I agree. I’ve never heard of such a short session timeout before (outside of banking and healthcare) and can’t imagine how this would even fix any performance issues. Honestly, to me the only correct session timeout period for a non-sensitive website is never. Sure, reauthenticate on sensitive pages like purchases and profile changes, but there’s no reason to ever log people out completely.
Does this just apply to the website or will it also log users out of the forums? I think it’s just the main website and the forums are through discourse but I’m not sure. Since I use Tsurukame to do reviews through the API I don’t login to the actual site much except to get to the forums.
The notion site shares that the reason for this change is to “organize data so that active learners are prioritized.” Just a curiosity: How are currently active users’ data organized in a way that makes it faster to access than an inactive user? How does a user being logged in effect data that has already been stored?
This must be the strangest solution to performance issues. Forcing users to log in more often increases workload for server, not the other way around. Also I am guessing the server is somehow caching data and sorting it manually instead of relying on optimized data processing engines like an actual database. If this is the case, please hire someone who actually know how these things work and how to use them.
I am increasingly more convinced that all programmers quit WK and this is just HR staff trying to “improve” the website. Think about it, so many recent updates are the opposite of what any sensible developer would do.
So far, whenever WK performed a force-logout on my account, I was also logged out of the forums. I assume that will happen in this case as well?
Given that many forum users don’t actively use WK any more, do you think they will take on the burden of logging in even every two weeks? I guess the forums will quickly become a cold, lonely place without anybody to answer the newbie questions.
Luckily there is Natively with its forums for those who will keep being kicked out of here.
Just what I always wanted. Another step between me and my reviews to mess with my brain and make it less likely I get them done. Oh wait. That’s the opposite of helpful. How very appreciated.
Let’s imagine the database is struggling, so it must be the amount of data that it’s struggling with, right? So they looked at the database tables, and it turns out that the longest table is … the sessions table! And the rest is history…
Not very active in the forums (lurker <3 ; and unfortunately due to Universe being bleh on vacation mode…) but the whole thing is just fishy… while cookie itself doesn’t impact the performance it’s session has to be stored somewhere so it would boil down to the mentioned session table but running out of space in that table is just odd. More likely issue with indexes/queries being utterly slow due to lack of optimizations? But that’s solvable problem and limiting session timeout looks like the weirdest workaround ever
And the “security”… for crying out loud - it’s an SRS website, not a bank… Even payment is handled via stripe so no payment details are stored here =,=
I’d say that majority of the users use their own personal computers so this is a moot point… what’s more - 4h/2weekes is still to long of a window if we are so sensitive about “sEcUrItY”
Combine both options: get the guru reviews right so you don’t learn anything, but get the burn reviews wrong so you have to wait another four months for them to come up again.
This change sucks and is very annoying! Please reconsider this, the reasoning is bizarre and I have never once heard of such an implementation on any other platform for the stated reason. I don’t know why Wanikani keeps insisting on shooting itself in the foot with updates, but I really wish it would stop.
Can’t say anything about the technical aspects behind the decision, just want to say thanks for making it clear in the web copy that the “keep me logged in” text clarifies that it’s for two weeks.
Previously, I would check that box and still get logged out on what felt like a regular basis. Now at least I know that’s true.