Hi @Karl-Heinrich, @cyberdave,
I don't use public computers at all, I have no banking app on my mobile phone, my computer locks by itself after 5 minutes of inactivity. I am not stupid. What I do not always do, is completely close my browser after having logged in on a secure page. Because I assume when I close the window that site is gone. I just checked with Google apps. If I close the window or tab and have no other Google pages open, I have to log in again with a password. (I am in Europe and perhaps this is different from USA, @cyberdave). I have no problems with the Webflow app staying open. Although if somebody else would use my computer I would log out. Imagine a kid of a builder playing around in Webflow.
The private page I don't want for myself. It is for students that treat clients. Those clients give me feedback and I want a system so the student has access to an edited version of that feedback. The feedback from the customer is sensitive and delivered in good faith. If the feedback gets into wrong hands, or even read by people who have nothing to do with it, my integrity is at stake because my customers and students trust me. And that makes me very nervous. Because if things can go wrong, they might go wrong. And with this kind of security, chances are higher it might go wrong. Not everybody is smart with computers and even if I would instruct students that they have to close the browser after looking at the page, some will not. And frankly if I would instruct my students to tell they have to close the browser, it shows lack of security. My thought as a student would be: "oh wow, that site is apparently not very secure. Why did he choose for such an amateur setup if information is sensitive? Why did he not pay a little bit more for a real professional setup?"
I just checked something else: I put in a new record in the collection and I changed the password of the private page. Then I published. Anybody who has opened the private page before and has not closed the browser, can acces the private page and read the new review without even having to put in the new password. Wow! That is insecure! Changing passwords on my end will only have effect if people have closed their browser.
I don't want to enforce anything on anybody. But builders and customers have different needs for security. So, I think it would be a great idea if there would be security levels that a Webflow customer can choose from. Like having to log in again after closing the window or tab; like log in again after a time-out, minutes of days; like log in again after a password has changed and at least blocking new information until the new password has been put in; and of course for the ones who don't have so much need for privacy: log in only after a browser has been closed.
Another consideration: I heard private pages and private websites are booming in a young generation, say age 20-30. Would be good to have options and being able to go along with a trend instead of having the chance of being looked at as old-school.