Jump to content

4.1.11: The manual log out "security improvement"


TSP

Recommended Posts

In your patch notes for 4.1.11 it now says: (my emphasis)

Quote

Any existing sessions for a member are now cleared if they change their password or click log out, meaning users signed in on multiple devices will need to sign in again after a password change or manual log out.

I don't like the sound of this at all. 

If I log in on a public computer, say at a library, then I don't want to have to log in once again at my home computer when I get home. 

Or lets say I'm testing something in Chrome incognito and I regularly manually log out and in of my account there as a result, then I don't want that result in me being logged out from my regular Chrome session. 

Have I misunderstood? @Lindy: could you elaborate? 

I fear this will just trigger a plethora of questions from people on why they are logged out all of a sudden. Take other popular sites, like Facebook: They don't log you out on your desktop computer even though you click to log out on your mobile phone. 

Please reconsider. 

(I don't mind it logging you out of other devices etc. when you change password)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...