Re: auth.User refactor: reboot

2012-03-19 Thread lepture
Hello, Jacob. The current auth module has a serious security bug: if the session cookie is stolen by others, you cannot do anything to stop them. You changed your password, but the session is still working. You signed out, the session is still working. You can do nothing but wait for the sessi

Re: auth.User refactor: reboot

2012-03-19 Thread lepture
Yes, it's not really a security bug! It's about building a more secure account system.

On Monday, 19 March 2012 19:25:24 UTC+8, Florian Apolloner wrote:
>
> Hi lepture,
>
> aside from the fact that it's not really a security bug we do ask people
> not to report s