Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Persistent login cookie improvements #1569

Open
robocoder opened this issue Aug 9, 2010 · 0 comments
Open

Persistent login cookie improvements #1569

robocoder opened this issue Aug 9, 2010 · 0 comments
Labels
Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Milestone
Backlog (Help wan...

Comments

@robocoder
Copy link
Contributor

In #1419, we deferred implementation of these recommendations:

which would narrow the window of opportunity for an attacker to exploit a stolen login cookie, and provide a means to warn the victim of a stolen login cookie that has been used.

Notes: plugins/Login/Auth.php would have to accommodate the additional table and SQL required by the above. I recommend considering the requirements of #809 (OAuth) when refactoring.
@robocoder robocoder added this to the Future releases milestone Jul 8, 2014
@mattab mattab modified the milestones: Long term, Mid term Dec 23, 2015
@mattab mattab modified the milestones: Long term, Mid term Dec 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Projects
None yet
Milestone
Backlog (Help wanted)
Development

No branches or pull requests
2 participants
@mattab @robocoder