villabus Posted January 19, 2008 Posted January 19, 2008 OK. I want to be sure that I understand how this works and if it is not working has a fix been issued. In security is the option to check that a member is using a browser and is using an IP address. If someone logs in using IE7 than logs in using Firefox is the software supposed to kick one of them or block one of them? Same thing if a member logs in at work than goes home and logs in while still on at work. Is the software supposed to kick one of them or block one of them? It does not work on a 2.31 board and a 2.33 board. Do I have a misconception on how this is supposed to work.
bfarber Posted January 21, 2008 Posted January 21, 2008 It means the session in the database won't validate if the browser doesn't match. If the user has the appropriate member id and pass hash cookies, however, they can still get auto-logged in afterwards. The setting will help prevent session hijacking, but it won't kick a valid user out who uses two browsers and has logged in with both browsers.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.