Steffen
Guest
Member
It seems like it's best-practise to invalidate other sessions on 2FA activation/change ([1], [2]). At the moment, XenForo seems to invalidate other sessions on password change but not on 2FA activation/change.
The scenario goes like this:
Read more
Invalidate Session on 2FA Activation/Change
free plugins
minecraft paid for free
mcmarket
mc-market
free minecraft paid plugins
free minecraft plugins
spigotmc
SpigotMC
aac free
ewg free
Minecraft Premium Plugins
ewg free download
litebans free
epicworldgenerator free
free schematics
leaked schematics minecraft
schematics
schematics leaked
schematics free
minecraft schematics free
paid minecraft schematics free
paid minecraft schematics for free
free cracked plugins
free cracked minecraft plugins
plugins
featherboard download
featherboard plugin download
antiaura download
xenforo leaked
xenforo for free
xenforo addons
The scenario goes like this:
- Log in to the same account with two different browsers
- Enable 2FA in one of the logged-in sessions
- Observe that the other browser's session remains active
Read more
Invalidate Session on 2FA Activation/Change
free plugins
minecraft paid for free
mcmarket
mc-market
free minecraft paid plugins
free minecraft plugins
spigotmc
SpigotMC
aac free
ewg free
Minecraft Premium Plugins
ewg free download
litebans free
epicworldgenerator free
free schematics
leaked schematics minecraft
schematics
schematics leaked
schematics free
minecraft schematics free
paid minecraft schematics free
paid minecraft schematics for free
free cracked plugins
free cracked minecraft plugins
plugins
featherboard download
featherboard plugin download
antiaura download
xenforo leaked
xenforo for free
xenforo addons
