Epic #40: Failure to Invalidate Session After Password Change - Tingg - Redmine

Actions

Copy link

Epic #40

open

Failure to Invalidate Session After Password Change

Added by rashmita rout about 2 months ago. Updated about 1 month ago.

Status:

New

Priority:

Medium

Assignee:

Target version:

Start date:

01/05/2026

Due date:

% Done:

Estimated time:

(Total: 0:00 h)

Work Type:

Platform

Technical Area:

Release Narrative:

Description

Objective:

Ensure that all active sessions associated with a user account are invalidated immediately after a password change to prevent unauthorized access using old credentials.

Covers:

1. Session lifecycle management

2. Token invalidation

3. User-controlled session handling

4. Protection against session hijacking after password updates

Subtasks 1 (1 open — 0 closed)

History
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Tingg

Custom queries

Epic #40

Failure to Invalidate Session After Password Change

Updated by rashmita rout about 2 months ago

Updated by rashmita rout about 2 months ago

Updated by rashmita rout about 1 month ago