I've changed my password a couple of times over the past month for personal reasons, and I've noticed that every time I do, the forum session does not get disconnected. I thought it might be related to the dashboard session so I logged out of that, but nope, no matter how many times I change my password and log out of the dashboard, the forum stays logged in.

I would not say this is a major security flaw, but it does bring up some concerns. What if someone gets hacked or gets their account stolen? They change the password, but the account thief would still be logged in on the forums, which could lead to some trouble if the account thief decides to mess around on the forum with the stolen account.

I know there is probably a "disconnect all devices" button somewhere on the dashboard, but this could be easily missed or forgotten about. And I know the account owner can easily be proven innocent in case the thief messes around on the forum, due to the account thief having a different IP and checking the logs, but why not prevent this in the first place by disconnecting all devices upon changing the password?

This is what I personally noticed. I could be wrong about this somehow, so please correct me if I am.

Edited by Ghabra

 

https://pokemonrevolution.net/forum/topic/176389-a-security-flaw/
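
The behaviour the post asks for, as an added example (not code from this forum or its software): each session records the credential "epoch" it was issued under, and a password change bumps the epoch so older sessions on every service fail their next check. The `Accounts` class, the `epoch` field and the assumption that dashboard and forum share one account store are hypothetical.

```python
import hashlib, hmac, secrets

class Accounts:
    """In-memory account and session store shared by every service (assumed design)."""

    def __init__(self):
        self.users = {}     # name -> {"salt", "pw_hash", "epoch"}
        self.sessions = {}  # token -> {"user", "service", "epoch"}

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = {"salt": salt, "pw_hash": self._hash(password, salt), "epoch": 0}

    def login(self, user, password, service):
        acct = self.users.get(user)
        if acct is None or not hmac.compare_digest(acct["pw_hash"], self._hash(password, acct["salt"])):
            return None
        token = secrets.token_urlsafe(32)
        # Each session remembers the credential epoch it was issued under.
        self.sessions[token] = {"user": user, "service": service, "epoch": acct["epoch"]}
        return token

    def validate(self, token, service):
        sess = self.sessions.get(token)
        if sess is None or sess["service"] != service:
            return None
        if sess["epoch"] != self.users[sess["user"]]["epoch"]:
            del self.sessions[token]  # issued before the last password change
            return None
        return sess["user"]

    def change_password(self, token, new_password):
        sess = self.sessions.get(token)
        if sess is None or self.validate(token, sess["service"]) is None:
            return False
        acct = self.users[sess["user"]]
        acct["salt"] = secrets.token_bytes(16)
        acct["pw_hash"] = self._hash(new_password, acct["salt"])
        acct["epoch"] += 1             # invalidates every session on every service
        sess["epoch"] = acct["epoch"]  # keep only the session that made the change
        return True
```

Because the check happens at validation time, a service that caches its own login state separately from the shared store would still need to consult the epoch on each request.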