[PHPBB3-15881] Login keys are not reset after password update in some cases

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.2.4
Fix Version/s: 3.2.5-RC1
Component/s: Login
Labels:
None

Description

In case of new password activation on password update, old login keys aren't reset, that may lead to unauthorized login (f.e. in case password was compromized and changed by someone else a user won't know that and will autologin as usually).

Attachments

Activity

People

Assignee:: Marc

Reporter:: rxu

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 24/Nov/18 4:27 AM

Updated:: 25/Nov/18 10:11 AM

Resolved:: 25/Nov/18 10:11 AM