
editors are repeatedly getting logged out (August 2024)
Open, High | Public | BUG REPORT

Description

Several people are getting logged out at random times (usually every few days, sometimes multiple times a day). Seems to have started in early August and is corroborated by the stats of how often people use top-level autologin:

Screenshot Capture - 2024-10-09 - 10-44-50.png (580×1 px, 237 KB)

On-wiki reports: Wikipedia, Wikidata, Wikipedia (2)
(summary of reports)

Other authentication issues reported in the same period, possibly related:
T374757: Login errors related to session hijacking
T374184: Logging in on testwiki without the "keep me logged in" tick box is broken

Enabling NetworkSession caused high Kask load (T373826), starting around the same time, but that seems unrelated (reducing the load had no effect; also the starting date doesn't exactly align).

Related Objects

Status: Open | Subtype: BUG REPORT | Assigned: Tgr

Event Timeline


Till last week this was happening usually, and I only needed to log-in again clicking on the "log in" button, it made it automatically without needing to enter the password again. Since there's a "Donate" button next to the log-in button, I have to fully log-in again, and I use F2A, so it is even more annoying.

And again just now. Earlier today, I was using both my desktop and laptop on my home network. Right now, I'm on my laptop on a public WiFi connection and got logged out. This is just one day since the previous event.

Just got logged out again as well. For me it hasn't happened since mid August as far as I'm aware.

The same, keep getting logged out. I virtually have to login every day, and even with the "keep me logged in" checkbox ticked, I keep getting logged out once I close the browser.

Thanks everyone for the reports, and especially to @JJMC89, @Reader_of_Information, @Nikki, @AntiCompositeNumber and @RoySmith for the very detailed information!
In case someone wants to review quickly I summarized them here: https://docs.google.com/spreadsheets/d/1GjLUOWXcxyqraEb46cxHcgKEAwCkDyIUKHIWu9ECRyk/edit
What's come out of it so far:

  • Affecting a significant amount of people (we have about two dozen reports so far) but probably not everyone (I think we'd have way more reports then).
  • It happens on many different browsers / devices, so clearly not an issue with a browser / browser plugin / OS / firewall / etc.
    • No one reported it happening on a mobile app yet. Maybe that's just chance (apps have fewer users) but the apps handle cookies differently from browsers so it's potentially interesting.
  • Usually happening every few days, but it's quite irregular (for some people, happened about once a month; for some people it happens daily, or multiple times a day).
  • People checking the "Keep logged in" checkbox are definitely affected.
  • People definitely get logged out on the same wiki where they logged in, which means the problem can't be limited to the various CentralAuth functions that spread login state from one wiki to another (Special:CentralAutoLogin etc).
  • It's not very clear whether people are logged out on different domains simultaneously; some comments seem to indicate yes, some no.
  • For people who use multiple devices, usually only one device is affected at a time.
  • Usually happens when people are inactive for a while (e.g. they see it when they start editing the next day), but a few people report it happening in the middle of doing something (e.g. they start an edit and by the time they save it, they are logged out).

That doesn't really align with any hypothesis I could come up with:

  • Session store issues: should not affect people who used the "keep logged in" checkbox, as such login sessions fall back on the user token in the database after a session store miss.
  • Central login or autologin issues: these might prevent the user from being logged in when visiting other wikis, but should not affect at all their login status on the wiki where they performed the login.
  • The processing of the "keep logged in" checkbox (internally, the "remember me" flag) is somehow broken: this would cause logins to expire after a day of inactivity. But it can't cause them to expire faster than a day. (Also, the reported cookies are consistent with the flag working correctly.)
  • Some server-side process changes the central user token: this would log the user out on all devices simultaneously, not just one. (Also, what exactly? Other than manual logout, the only caller to CentralAuthUser::resetAuthToken() is SessionManager::invalidateUserSessions(), and the only caller to that that seems remotely relevant is expireTemporaryAccounts.php; I double-checked that and it is definitely limited to temporary accounts.)
  • Some server-side process changes the local user token: this would make sense in terms of timing (since it doesn't depend on what the user does, it's somewhat uniformly distributed in time so usually but not always happens during inactivity) and can affect multiple wikis that share the same parent domain (since SessionManager will clear all cookies on the next request). But I don't think it can account for the user getting logged out simultaneously on multiple domains that do not have the same CentralAuth cookie domain (which means the user would typically not get logged out on loginwiki either, so the next autologin should work). Also, what would do that? The only remotely viable code path I can find is DatabaseBlockStore::insertBlock() -> User::setToken(), with maybe cross-wiki blocks mixing up the wikis so the user ID gets interpreted in the context of the wrong wiki. That seems possible, but there are way too few cross-wiki blocks (I think it's only used for account suppression?) for it to happen so frequently.
  • SessionManager incorrectly sees a valid set of cookies as invalid (possibly in the context of a different wiki than the one the user is visiting, e.g. if it happens on a cross-wiki user script or a CentralNotice banner request) and deletes the cookies: doesn't align well with the reported timing, and also, Wikipedia / Commons / Wikidata / Meta / loginwiki all use different cookie domains and could not be affected at the same time.

So it's not any clearer what's happening; I'll try to do some Logstash digging for the instances which have been reported with an exact timestamp.

This task is a concern for Temporary accounts project, in that once a user is logged out of their temporary account, there's no way to log back into it. Is it possible to instrument how often these unexpected logouts are happening, bucketed for named and temporary accounts?

We could instrument how often MediaWiki clears session cookies. I don't think it would be very useful though - since it happens when the session cookies are invalid or inconsistent (e.g. a mismatch between the user token in the cookies and in the database), it would be hard to say which user is being affected; and some (probably most) of these events are normal, e.g. when a user does not use "keep me logged in" and their session store entry expires (so the session ID in the cookies mismatches the session store), or when they visit another wiki after logout and still have cookies for it (but logout updated the user token so it won't match).

...I'm still logged in on https://wikitech.wikimedia.org; I thought that had been merged with the wikipedia single sign-on system?

Not at the time of your comment, it got merged on Oct 1 (rOMWC448af51b2ac5: wikitech: Soft connect wikitech to SUL).

May I suggest a debugging strategy: examine the server logs for login and logout events.

That's an interesting idea, thanks! I forgot we have DB logs for those (the Logstash logs don't support complex queries) but CheckUser does have a private record of them. It will be pretty noisy since we don't record there whether "keep me logged in" was used, and without that having to log in ~daily is normal and expected; but maybe it's still useful.

Change #1078084 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/core@master] UserSelectQueryBuilder: temp() should not select non-temp users

https://gerrit.wikimedia.org/r/1078084

Change #1078085 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/extensions/CentralAuth@master] UserSelectQueryBuilder: temp() should not select non-temp users

https://gerrit.wikimedia.org/r/1078085

Hi. I just wanted to mention I’m having this issue with Phabricator too. Thought it’d be interesting to add.

Also, as for the devices. I’ve noticed it’s stopped lately on my mobile because I at least have one Wikipedia tab running in the background but it ends up logging me out after despite me having it checked. Thought it’d be interesting to add.

I had this issue with Phabricator today at least at the time I noticed but it could’ve logged me out prior.

Change #1078084 merged by jenkins-bot:

[mediawiki/core@master] UserSelectQueryBuilder: temp() should not select non-temp users

https://gerrit.wikimedia.org/r/1078084

@Tgr thank you for the summary. Since I seem to be able to replicate this every few days, let me know if there's any data that would be useful for me to collect the next time it happens.

Change #1078085 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] UserSelectQueryBuilder: temp() should not select non-temp users

https://gerrit.wikimedia.org/r/1078085

Hey @RoySmith
If you can, could you edit the description to be more accurate?

@Reader_of_Information I'm not sure what you're asking.

But, just for the record, I'm logged out again this morning.

May I suggest a debugging strategy: examine the server logs for login and logout events. Any time you find two consecutive logins for the same user without an intervening logout (excluding the standard 1-year cookie expiration), that's probably one of these.

It seems we don't have the CU private events data in Hadoop so it can't easily be aggregated from multiple wikis. (We probably should? Filed T376752 about it.) So I did some queries for enwiki only, and simpler ones than what you suggested (SQL doesn't lend itself well to detecting sequences of events - "two logins with no logouts between them" would be a double join, and even single joins take long).

This is the number of people with more than one login in a given (UTC) calendar day (query: P69503):

Screenshot Capture - 2024-10-08 - 21-22-28.png (710×1 px, 54 KB)

This is the number of people with more than X logins in a given calendar month (query: P69504):

| Month | Days in month | 1+ logins | 1+ normalized for month length | 2+ logins | 2+ normalized | 5+ logins | 5+ normalized | 10+ logins | 10+ normalized |
|---|---|---|---|---|---|---|---|---|---|
| 2024-07 | 20.66 | 58377 | 2825.605034 | 27758 | 1343.562439 | 9379 | 453.9690223 | 4318 | 209.0029042 |
| 2024-08 | 31 | 88499 | 2854.806452 | 42952 | 1385.548387 | 14379 | 463.8387097 | 6797 | 219.2580645 |
| 2024-09 | 30 | 86635 | 2887.833333 | 41892 | 1396.4 | 14004 | 466.8 | 6412 | 213.7333333 |
| 2024-10 | 8.33 | 24709 | 2966.266507 | 11340 | 1361.344538 | 3677 | 441.4165666 | 1441 | 172.9891957 |

That doesn't really change over time (other than the two incomplete months being lower, which is expected, even with the normalization).

OTOH the number of successful top-level autologins (when you click on the "login" link and get logged in without having to enter your login details) went up sharply (from ~1.5/min to ~1.9/min, so about a 25% increase). Back then we attributed this to bot activity as there was a huge spike of unsuccessful attempts at the same time and those all came from the same cloud computing center; but in hindsight it's easy for a bot to make unsuccessful attempts but it's very unlikely it would make successful ones (which requires actually being logged in); and in any case the bot activity has gone down since then and the increase in successful top-level autologins didn't.

Screenshot Capture - 2024-10-09 - 10-44-50.png (580×1 px, 237 KB): successful
Screenshot Capture - 2024-10-09 - 11-00-18.png (1×3 px, 767 KB): successful, rolling average, with deployments marked
Screenshot Capture - 2024-10-09 - 10-45-56.png (586×1 px, 131 KB): error
Screenshot Capture - 2024-10-09 - 10-46-32.png (580×1 px, 114 KB): unsuccessful (user not logged in centrally)

So that implies that something (session handling? the more invisible autologin variants?) went wrong around August 8th, forcing people to do frequent top-level autologins; but people having to do normal logins is still infrequent enough that it does not show up in the stats. The need for more frequent logins and the need for more frequent top-level autologins might or might not be the same issue; but this one at least has a clear starting point (and it matches the time people started reporting login issues reasonably well).

That would put the origin of the issue (or one of the issues) to the wmf.17 release or these backports. Nothing there stands out to me, though (other than enabling NetworkSession but that was already investigated and mostly reversed in T373826 and doesn't seem to be related).

Hi,
I’ve noticed something strange and I think it’s intriguing to investigate.

On mobile I’ve been leaving my Wikipedia tabs open and never get logged out for the most part. But on my desktop whenever I x out a window related with me being logged in, it does log me out eventually albeit I haven’t determined the time amount. I think it’s something worth looking into. Perhaps the session cookies could be malfunctioning and be making it think that it still is not checked. Not sure. ¯\_(ツ)_/¯

And the intriguing part is on desktop I have it so it stays 365 days and it still logs me out. ¯\_(ツ)_/¯

And the intriguing part is on desktop I have it so it stays 365 days and it still logs me out. ¯\_(ツ)_/¯

Just for the records, it says "keep me logged in for up to a year".

And the intriguing part is on desktop I have it so it stays 365 days and it still logs me out. ¯\_(ツ)_/¯

Just for the records, it says "keep me logged in for up to a year".

If that’s the case then what’s the point of the check mark? It shouldn't be logging me out as soon as I x out of the window.

Hmmmmm. Like that’s a little odd isn’t it? Could it be that’s what’s causing the issue. The code saying it’s up for a year instead of it being any time? Hmmmm. Idk ¯\_(ツ)_/¯ that’s my personal opinion.

Just got logged out again, this time on Chromium (Arch Linux). I was logged in a few hours ago still, but now I got logged out all of a sudden.

So that implies that something (session handling? the more invisible autologin variants?) went wrong around August 8th

And something got abruptly better on August 27th, started ramping up again around September 3rd, and then abruptly got better again on September 17th or so. And again on September 28-ish. I know almost nothing about the production infrastructure, so this is all just shots in the dark, but to me this doesn't smell like it's caused by some piece of broken software being rolled out. I wouldn't expect that to have the abrupt recoveries.

My next suggestion would be to graph every bit of performance data you've got and see which graphs show this same slow ramp-up then abrupt recovery on those dates.

Just a while ago, I was signed out from en-wiki 3 times consecutively within a few minutes, although I kept pages opened. First 2 times I had to re-enter my password to sign in but, the 3rd time I was centrally logged back in.

But on my desktop whenever I x out a window related with me being logged in, it does log me out eventually albeit I haven’t determined the time amount.

Normal behavior is that if you haven't selected "keep me logged in", you'll be logged out in that browser after either an hour or a day of inactivity (ie. that much time passing without you loading any Wikimedia page in that browser), depending on whether your browser likes third-party cookies. Or exactly 30 days after you logged in, if that happens sooner.
(If you did check "keep me logged in", then you'll always be logged out exactly 365 days later.)

Safari with Intelligent Tracking Prevention enabled (the default) claims to modify cookie lifetimes in some situations though, so I'm not sure how much of this applies there. There's apparently a debug console, maybe that gives more information about what's going on.

And something got abruptly better on August 27th, started ramping up again around September 3rd, and then abruptly got better again on September 17th or so.

I'm pretty sure that's just bot activity (we sampled it and it was coming exclusively from Tencent Cloud). The green chart is the one that probably reflects this bug, and that has a single jump. I discounted it initially as being a side effect of whatever that bot was doing, and that was a mistake.
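The debugging strategy suggested in this thread (two consecutive logins by the same user with no logout in between) can be combined with the normal expiry rules described in the comment above to filter out re-logins that are expected. The following is an added example, not code from MediaWiki, CheckUser or any participant; the log format and all names are constructed, and it assumes one browser per user and that the "keep me logged in" choice is recorded, which the thread says CheckUser does not do.

```python
from datetime import datetime, timedelta

# Absolute session lifetimes as stated in the thread: 365 days with
# "keep me logged in", 30 days without it.
ABSOLUTE_LIMIT = {True: timedelta(days=365), False: timedelta(days=30)}

# Constructed sample log (not real data): "timestamp user event [flag]".
# "request" marks any page load; the flag on a login line is the
# "keep me logged in" choice ("remember") or its absence ("session").
SAMPLE_LOG = """\
2024-10-01T08:00:00 Alice login remember
2024-10-01T09:30:00 Alice request
2024-10-03T07:15:00 Alice login remember
2024-10-01T10:00:00 Bob login session
2024-10-01T10:05:00 Bob request
2024-10-04T12:00:00 Bob login session
2024-10-02T11:00:00 Carol login remember
2024-10-02T18:00:00 Carol logout
2024-10-02T18:01:00 Carol login remember
2024-10-05T09:00:00 Dave login session
2024-10-05T23:00:00 Dave request
2024-10-05T23:30:00 Dave login session
2024-10-06T08:00:00 Erin login session
2024-10-06T09:00:00 Erin request
2024-10-06T12:30:00 Erin login session
"""


def parse(log):
    """Return (timestamp, user, event, remember) tuples sorted by time."""
    rows = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue  # skip blank or malformed lines
        remember = len(parts) > 3 and parts[3] == "remember"
        rows.append((datetime.fromisoformat(parts[0]), parts[1], parts[2], remember))
    return sorted(rows, key=lambda row: row[0])


def unexpected_relogins(log, idle_limit=timedelta(hours=1)):
    """Find logins that follow an earlier login with no logout in between
    and that the normal expiry rules do not explain.

    idle_limit is the inactivity timeout for sessions without "keep me
    logged in". The thread gives an hour or a day depending on the browser;
    the default of one hour treats more re-logins as expected, so what is
    left is harder to explain away.
    Returns a list of (user, relogin_time, hours_since_previous_login).
    """
    open_sessions = {}  # user -> state of the login that is still open
    findings = []
    for ts, user, event, remember in parse(log):
        session = open_sessions.get(user)
        if event == "logout":
            open_sessions.pop(user, None)
        elif event == "request" and session:
            session["last_seen"] = ts
        elif event == "login":
            if session:
                age = ts - session["login"]
                idle = ts - session["last_seen"]
                expired = age >= ABSOLUTE_LIMIT[session["remember"]]
                timed_out = not session["remember"] and idle >= idle_limit
                if not (expired or timed_out):
                    hours = round(age.total_seconds() / 3600, 2)
                    findings.append((user, ts.isoformat(), hours))
            open_sessions[user] = {"login": ts, "last_seen": ts, "remember": remember}
    return findings


if __name__ == "__main__":
    for user, when, hours in unexpected_relogins(SAMPLE_LOG):
        print(f"{user}: re-login at {when}, {hours} h after the previous login")
```

On real data the state would have to be keyed by browser or device as well as user, since a second login from another device is also two logins without a logout.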

OK, thanks. I assume most of the spikiness in the green graph is just overall traffic volume varying over each 24 hour cycle?

I don't know if this is useful information, but I was logged out twice in the circa 24 hours leading up to 20:15 8 October (I logged in shortly before that timestamp). I then remained logged in until some point between 22:43 on 10 October (I was logged in when I got a notification of and read a post made at that timestamp) and 00:05 on 11 October (when I reloaded a page I had had open). During this period I have edited only en.wp but I have also viewed Commons, Meta and en Wiktionary.
I have been logged in and have opened, closed and not closed pages in both Firefox and Chromium on the same desktop computer (running Xubuntu Linux). I've not logged in with this account on any other browsers or devices between the log out events. I think I read the 22:43 post on Firefox, but I was logged out when I reloaded the page in Chromium. In normal times I use the browsers fairly interchangeably and don't get logged out randomly.

And this evening it happened to me on my phone, which had been logged in as [[User:RoySmith-Mobile]].

I don't know if this is useful information, but I was logged out twice in the circa 24 hours leading up to 20:15 8 October ...

According to Thryduulf, in the same timespan I was logged out four times. And four times is much within 24 hours. Is it really a cookie issue?

@thiemowmde : Could your Technische Wünsche Team notice such a problem within this long timespan of this misbehavior? Can you or your team help to find a solution of this bug or software issue, please?

Unfortunately the WMDE-TechWish team currently doesn't know anything about this issue. But we will watch and report in case we notice anything. Thanks for letting us know!

Not sure if this is the same issue, but since several weeks I get automatically logged out of all Wikimedia projects every day, sometimes several times per day. I tried in different browsers, cleared cookies and browser settings, hasn't helped me. User:Spinster

Top-level autologins start increasing around Aug 8-10 and gradually continue until Sep 8 or so. That suggests there is something wrong with (local or central) session objects written after Aug 8 (or with the session cookies, but those are easier to inspect and look fine). So as old (correct) session objects expire, the problem becomes more frequent. 30 days is the expiry for most authentication cookies when "keep me logged in" is not used; presumably most people don't use it, that's why the change is gradual. At least that's the only hypothesis I can come up with that fits the data; I think problems in most other components would result in a more sudden spike in autologins. But it doesn't explain why would users who do check "keep me logged in" be affected; they get cookies with 365 day expiry, and I don't think there is anything else involved with an expiry of 30 days.

This just happened to me again, on my desktop. What makes this one different from others is that I saw it happen in real-time. In all the previous examples, I'd come back to my machine after not using it for a while and found I was logged out. In this case, I clicked on some link and was taken to

https://en.wikipedia.org/w/index.php?returnto=Special%3AWatchlist&returntoquery=&title=Special:UserLogin&warning=watchlistanontext&centralAuthAutologinTried=1&centralAuthError=Not+centrally+logged+in

Hmmm, I don't remember exactly, but I guess from that URL, the link I must have clicked on was to view my watchlist.

I see in my browser console:

7 Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.
Unchecked runtime.lastError: The page keeping the extension port is moved into back/forward cache, so the message channel is closed.

I'm logged out of commons and wikidata, but still logged into wikitech.

Here's my (sanitized) cookies:

Just got logged out again, this time on Chromium (Arch Linux). I was logged in a few hours ago still, but now I got logged out all of a sudden.

And yet again I'm logged out on Chromium, just a few days later. This issue is really getting on my nerves now.

@Tgr
I’ve been logged out two times within the last 3 days, and I’ve noticed a common pattern. It usually happens after I x out the tab. Yes, I did click remember me.

I think it’s something worth looking into.

Also, I wonder if this is happening to Chromium users only. Does anyone here have this problem on Firefox?

Plus the fact that it is more common with Chromium users is quite odd. I have a feeling it is related to https://phabricator.wikimedia.org/T374184 . However, I don’t have said plugin mentioned in the ticket which is kind of strange.

Also, I wonder if this is happening to Chromium users only. Does anyone here have this problem on Firefox?

Yes. I commented above that I use both. Today (some time between 12:37 and 15:20) I was logged out again. I made my most recent edit and read in Firefox and then returned to Firefox a previously opened tab in Firefox to find I'd been logged out. I have opened and closed multiple tabs in both browsers since I was previously logged out. I think I've only read en.wp and Wiktionary in the most recent spans between logouts.

I also commented that I experience this in multiple browsers, including Firefox.

I know this is occurring on English Wikipedia, Wikidata, Wiktionary, but I haven’t heard of any of this occurring on the other language wikis. Does anyone know if such is occurring on there?

I know this is occurring on English Wikipedia, Wikidata, Wiktionary, but I haven’t heard of any of this occurring on the other language wikis. Does anyone know if such is occurring on there?

It happened for me on Commons and Wikidata as well, which are not language based wikis.

Hmmmm. Yeah I’m aware but I’m wondering this because if this isn’t occurring on the French wiki for example and the codes are not centralized for each wiki, I wonder if the debuggers could try to find what code different there is and thus find the solution to this problem. Of course it’s like finding a needle in a haystack but I mean what other solutions are there?

Because although the login system is centralized, that does not mean that how each wiki handles the login system is the same. I mean the fact that there are no reports from these wikis is kind of strange.

I know this is occurring on English Wikipedia, Wikidata, Wiktionary, but I haven’t heard of any of this occurring on the other language wikis. Does anyone know if such is occurring on there?

I have commented several times that I experience it on the Dutch Wikipedia, Wikidata and Commons. So yes, other language wikis as well, because Dutch.

I know this is occurring on English Wikipedia, Wikidata, Wiktionary, but I haven’t heard of any of this occurring on the other language wikis. Does anyone know if such is occurring on there?

For me it happens in every wiki, except metawiki. I wondered, while I'm logged out from every wiki, but haven’t encountered any problems with the meta wiki. Maybe something wrong with SUL!?

I use basically Basque wikipedia and only on Firefox, so it is not limited to Chrome and English.

Yes, it's a global problem. I got these problems with frwiki, nlwiki, dewiki, enwiki, pflwiki and more, but also commonswiki, wikidatawiki, metawiki and test2wiki. I use several browsers like Edge, Chromium and Firefox mobile and desktop on Windows 10 and Windows 11. It appears that the type of browser, operating system, or type of wiki doesn't matter at all. I always check the "stay logged in" option ...

... and maybe important or without matter: I use 2FA login.

Suggestion: as this affects many users, a summary of the situation (what is known and what is investigated) should be posted in the task description. Thank you in advance!

Strangely enough, today I was logged out from Meta, but not from Basque Wikipedia. I needed to log again at Meta, with 2FA, but I wasn't logged out from euwiki, as usually happens.

Strangely enough, today I was logged out from Meta, but not from Basque Wikipedia. I needed to log again at Meta, with 2FA, but I wasn't logged out from euwiki, as usually happens.

Theklan, indeed, it's not new: sometimes I also become logged out from a wiki of the one language but stay logged in in a wiki of the other language. Really, this sounds a bit weird! But I noticed this too. But only within this affected timespan since August.

Change #1081441 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/core@master] SessionManager: Add more logging when unpersisting invalid sessions

https://gerrit.wikimedia.org/r/1081441

In case it's helpful, I've accidentally discovered that actively logging out doesn't prevent this from happening. Yesterday (18 October) I misclicked and logged out at ~18:35, logging back in straight away. Today (19 October) I was logged out by this bug at some point between 09:42 and 11:36.

Change #1081967 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/extensions/CentralAuth@master] Log unexpected central session lookup misses

https://gerrit.wikimedia.org/r/1081967

@Tgr It is extremely annoying when the logging out happens to working bot accounts, here user:CactusBot of user:Cactus26 . The fact that the logged out bot account continues to edit under an IP and then without bot flag is often very problematic. I think the solution of this task should be given higher priority and include sprints.

see: https://de.wikipedia.org/wiki/Spezial:Beitr%C3%A4ge/2003:DF:273F:2100:291B:1A3:5071:E6D4
see: https://de.wikipedia.org/wiki/Benutzer_Diskussion:Doc_Taxon#Bot%20unangemeldet?

Change #1081967 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Log unexpected central session lookup misses

https://gerrit.wikimedia.org/r/1081967

Change #1081441 merged by jenkins-bot:

[mediawiki/core@master] SessionManager: Add more logging when unpersisting invalid sessions

https://gerrit.wikimedia.org/r/1081441

Change #1082464 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/core@wmf/1.43.0-wmf.28] SessionManager: Add more logging when unpersisting invalid sessions

https://gerrit.wikimedia.org/r/1082464

Change #1082465 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/extensions/CentralAuth@wmf/1.43.0-wmf.28] Log unexpected central session lookup misses

https://gerrit.wikimedia.org/r/1082465

@Tgr It is extremely annoying when the logging out happens to working bot accounts, here user:CactusBot of user:Cactus26 .

I would be surprised if that would be the same issue. Not strictly impossible, but the way bots and browsers authenticate has more differences than similarities.
Do you know what code that bot is running?

The fact that the logged out bot account continues to edit under an IP and then without bot flag is often very problematic.

In general, bots making edits should use assertuser.

I think the solution of this task should be given higher priority and include sprints.

I'm sorry this bug has dragged on for months, that was a misjudgement on my behalf. But right now the problem isn't lack of priority (it has been in our sprint for a couple weeks) but not having good ideas on what to do. Hopefully the new logging will capture something revealing.

Change #1082464 merged by jenkins-bot:

[mediawiki/core@wmf/1.43.0-wmf.28] SessionManager: Add more logging when unpersisting invalid sessions

https://gerrit.wikimedia.org/r/1082464

Change #1082465 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@wmf/1.43.0-wmf.28] Log unexpected central session lookup misses

https://gerrit.wikimedia.org/r/1082465

Mentioned in SAL (#wikimedia-operations) [2024-10-23T20:50:10Z] <tgr@deploy2002> Started scap sync-world: Backport for [[gerrit:1082464|SessionManager: Add more logging when unpersisting invalid sessions (T372702)]], [[gerrit:1082465|Log unexpected central session lookup misses (T372702)]]

Mentioned in SAL (#wikimedia-operations) [2024-10-23T20:52:43Z] <tgr@deploy2002> tgr: Backport for [[gerrit:1082464|SessionManager: Add more logging when unpersisting invalid sessions (T372702)]], [[gerrit:1082465|Log unexpected central session lookup misses (T372702)]] synced to the testservers (https://wikitech.wikimedia.org/wiki/Mwdebug)

Mentioned in SAL (#wikimedia-operations) [2024-10-23T21:05:18Z] <tgr@deploy2002> Finished scap sync-world: Backport for [[gerrit:1082464|SessionManager: Add more logging when unpersisting invalid sessions (T372702)]], [[gerrit:1082465|Log unexpected central session lookup misses (T372702)]] (duration: 15m 07s)

I have added some extra logging which is not very privacy-friendly and I don't want to keep it around longer than I have to; if you experience any logout issues in the next few days, could you please comment with an approximate timestamp of when it happened? Thanks!

@Tgr: I, user:Doc_Taxon, have been logged out from all existing wikis and commons and wikidata approximately between 10 and 14:51 UTC, 2024-10-24 , without clicking log out or doing anything similar.

and logged in again 14:58 UTC

I was logged out *again* on Chromium a few hours ago.

@Mondo: is Mondo your Wikipedia account username too?

@everybody: If you experience a logout in the next few days, please provide us with the approximate timestamp including the time zone and your Wikipedia username. Thank you

I was logged out at some point between 0814 and c. 1945 UTC yesterday (23 October). Sorry I can't be more precise but I was out all day so the logout happened either while I was away or on one of my first page loads after returning. I most recently logged in previously at circa 1136 on 19 October after a previous unrequested logout. My username is Thryduulf.

I've just been logged out again (circa 21:30 UTC 26 October). I was reading (and made a reply) in Chromium and then switched to Firefox and reloaded a page that was already open and found I'd been logged out.
My edit was at 21:27 UTC I think I (re)loaded a page after that but I might just have read ones I'd opened previously. I logged in again at approximately 21:32 UTC.
My username is still Thryduulf