Page MenuHomePhabricator

Prompt users to terminate active sessions after changing passwords
Closed, ResolvedPublic

Description

This isn't really a security issue (users can terminate sessions in the Settings panel) but causes a ton of false positives on HackerOne.

After a user changes their password, we should prompt them to terminate all active login sessions.

Event Timeline

epriestley raised the priority of this task from to Low.
epriestley updated the task description. (Show Details)
epriestley added a project: Security.
epriestley added a subscriber: epriestley.