Prompt users to terminate active sessions after changing passwords
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	epriestley
	Jun 30 2014, 2:48 PM

Description

This isn't really a security issue (users can terminate sessions in the Settings panel) but causes a ton of false positives on HackerOne.

After a user changes their password, we should prompt them to terminate all active login sessions.

rP Phabricator
	D10135	rP95eeffff7e5d Terminate other sessions on credential changes

epriestley raised the priority of this task from to Low.

epriestley updated the task description. (Show Details)

epriestley added a project: Security.

epriestley added a subscriber: epriestley.

Closed by commit rP95eeffff7e5d.