To make a bug report please head over to: https://app.betahub.io/projects/pr-5642738318
Once you have signed in, on the right hand side you can use the "report bug" button to be able to fully report the bug you've encountered. Thank you.
Once you have signed in, on the right hand side you can use the "report bug" button to be able to fully report the bug you've encountered. Thank you.
Interested in volunteering to help moderate for the Forums? Please fill out an application here: https://dbd.game/moderator-application
Kill Switch update: We have temporarily Kill Switched the Forgotten Ruins Map due to an issue that causes players to become stuck in place. The Map will remain out of rotation until this is resolved.
http://dbd.game/killswitch
http://dbd.game/killswitch
Failure to invalidate session on password reset
akkuji
Member Posts: 1
Steps to Reproduce:
Browser 1: Log in to the account using valid credentials at https://account.bhvr.com. Browser 2: Initiate a password reset via the "Forgot Password" functionality. Browser 2: Complete the password reset, changing the account password. Browser 1: Wait for about 5-10 seconds, Or refresh the page. The session in Browser 1 is logged out, as expected. Browser 1: Press the browser's "Back" button or go to Previous page after logging out.
- Unexpected Behavior: Despite being logged out, you are able to access the full account, view sensitive information, and navigate through the account without needing to re-enter any credentials.
Expected Behavior:
Upon password reset, all existing sessions should be invalidated immediately. If the user presses the back button in any browser after being logged out, they should be redirected to the login page and prompted to enter valid credentials.
1