1

Personally I don't use social networks, so I'm not sure about their behaviour. Currently I must code website which heavily depends on "Likes" and "Tweets" about articles. Each article has Like and Tweet buttons. We expect that an average user will "Like" or "Tweet" 3-5 articles each day.

  1. User opens our page, finds an interesting article

  2. User clicks on "Like" button

  3. Facebook asks for credentials in a popup

  4. Popup closes, Likes increment by one

  5. However, if user decided to leave our page and visit his Facebook account - it turns out he is logged in. If he navigates around our page and decides to Like more articles - he doesn't need to type his credentials again because FB session is already in place.

It's fine if user is at home or uses his phone. However, that's a risk for public access computers (school, library). Is there anything I can do to lower the risk? FB session seems to be long-lived. For me it WAS NOT obvious that you will be logged in FB.. Maybe I'm just too old.

user3702861
  • 419
  • 1
  • 4
  • 8
  • Advice good practices: clear sessions and cookies. After all, I find this question quite off-topic –  Dec 22 '14 at 16:57
  • Yeah, but there is a **small** chance that 10 years old Billy or someone alike don't know what is session or cookie. – user3702861 Dec 22 '14 at 17:06

2 Answers2

0

Public access computers are typically set to destroy all user activity upon log out, or at least they should be. So don't worry about that so much.

Now for the bulk of your question: You are not responsible for Facebook's actions. You didn't code your api, you don't administer their account sessions. But since you have this knowledge, share it with your users. Next to the "like this page!" button, put a small disclaimer: "clicking this will require you to log into facebook on this computer." Now your users know they've logged in, and they can logout after they finish browsing. If they don't, then that's something they have to deal with. And if they don't understand because they're 10? Well, that's why we have the age limit of 13 for Facebook and other sites that collect data on people ;)

Ohnana
  • 4,737
  • 2
  • 23
  • 39
0

To answer the question in your title, yes it is a normal process for the user to be logged in after clicking "Like" or "Tweet" on a page. Facebook requires this (quite reasonably, in my opinion) to limit each individual to a single like. And Twitter needs the user to log in, of course, so that the sender of the tweet can be identified.

Based on a quick (and possibly incomplete) search I just did, the consensus seems to be that there are some scripts that should log the user out of Facebook -- but that these are unreliable and (if and when they do work) possibly a violation of Facebook policy. Unless you find other information, I would discourage you from putting too much energy into getting your site visitors logged out of Facebook after they click "Like". (I didn't search on Twitter, but I would be surprised if its behavior and policies are substantially different.)

I concur with the other responses that the best you can do (and the most you can reasonably be expected to do) is to remind the user that she or he will be logged in to Facebook/Twitter after clicking Like/Tweet, and that she or he should log out afterward if using a public computer.

Joe DeRose
  • 396
  • 1
  • 5