[wp-trac] Re: [WordPress Trac] #5367: Wordpress cookie
authentication vulnerability
WordPress Trac
wp-trac at lists.automattic.com
Sat Dec 1 01:14:28 GMT 2007
#5367: Wordpress cookie authentication vulnerability
-------------------------------------+--------------------------------------
Reporter: sjmurdoch | Owner: westi
Type: defect | Status: assigned
Priority: normal | Milestone: 2.4
Component: Security | Version: 2.3.1
Severity: normal | Resolution:
Keywords: security, password, md5 |
-------------------------------------+--------------------------------------
Comment (by darkdragon):
Replying to [comment:18 westi]:
> Known issues:
> 1. Only supports a single authentication token for a user so you cannot
be logged in from two places at once.
I would term this a feature, but since I'm always signed in at home and
usually sign in from various other places, it could become a hassle. What
if I'm in a location temporary and leave without the ability to go back?
Will there be a time limit of when that token will expire so that I can
eventually sign in at another location even if I hadn't signed out at that
other place?
--
Ticket URL: <http://trac.wordpress.org/ticket/5367#comment:19>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list