[wp-trac] [WordPress Trac] #61366: A password change should not destroy a user's session data.
WordPress Trac
noreply at wordpress.org
Mon Jun 17 16:41:06 UTC 2024
#61366: A password change should not destroy a user's session data.
------------------------------------+------------------------------
Reporter: snicco | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: 6.5.3
Severity: minor | Resolution:
Keywords: | Focuses:
------------------------------------+------------------------------
Comment (by snicco):
The current way is actually the worse of both:
1. All stored data in the session is lost (see counter example)
2. The old session is not removed from the database at all, just the
cookie in the users browser changes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61366#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list