Hi,

First thing to understand is that when you are using a service like RPX aka JanRain Connect, at no point ever do we have access to your password at the authentication source, like we don't get your google password or Facebook password or any password no matter which type of account you use. If a user registers using that service a random password is created and stored on the user account and the user could retrieve that password and login to the site without using RPX, but the idea of RPX is that they don't have to know about or remember that system generated password, they can use RPX with their existing 3rd party account password so that they don't have to remember any new passwords, but at no time does RPX ever provide the password to us and neither does RPX even know what your password is, they just bring together different authentication services under one wrapper, but the authentication happens at the source like at google or at Facebook without ever sharing your password anywhere. Its like google does the authentication and tells RPX if it was successful and RPX tells mojoPortal it was successful so we set a cookie to log you in to the mojoPortal site and all this happens through service negotiations without ever sharing your password.

If you login using RPX they may have a setting about whether you stay logged in on their end, you may need to look at that when you login with RPX, but as far as on the mojoPortal end when the service tells us you are authenticated we set a persistent login cookie. If you sign out it clears the cookie. But our cookie has nothing to do with remembering your password it just remembers whether you are authenticated.

Hope it helps,

Joe