MODS can you see if my profile is logged twice or more?
Discussion
I have just refreshed the "My Stuff" page and a topic that I have previously replied to has appeared - but it was marked as read - and I know I haven't read it (I didn't even see it earlier).
The post that "woke" up the topic was Yesterday (19:22) - and it only showed in My Stuff just now (around 13:00, Sunday) - but as I say - it was marked as read.
I have changed my password as a precaution but do you have a record of logged in devices?
The only logins you should ever see for my username are from 185.250.x.x (pm me if you need the full IP)
Thanks.
The post that "woke" up the topic was Yesterday (19:22) - and it only showed in My Stuff just now (around 13:00, Sunday) - but as I say - it was marked as read.
I have changed my password as a precaution but do you have a record of logged in devices?
The only logins you should ever see for my username are from 185.250.x.x (pm me if you need the full IP)
Thanks.
Sorry but mods don't have the tools to look into GDPR stuff, so I can't get into any of those details.
I'll flag this report up for you to get the techies to look into.
I can try to secure your account, that will log you out completely, and you'll have to log in again.
This function should work but I wont, know until I try it. DB can be a bit flakey at times.
HTH.
I'll flag this report up for you to get the techies to look into.
I can try to secure your account, that will log you out completely, and you'll have to log in again.
This function should work but I wont, know until I try it. DB can be a bit flakey at times.
HTH.
Hi Tony,
Thanks for dropping us a message.
Just had a chat with one of our engineers who has been very helpful and advised the following;
- from the logs we don't have any reason to believe this was anything other than a slight glitch telling you that you had already read it
- you've mentioned you've changed your password, but just in case (and for anyone else reading this), you can do that here
- if you do feel like your account is being misused, please email support@pistonheads.com and they will be able to help you further.
Thank you.
Thanks for dropping us a message.
Just had a chat with one of our engineers who has been very helpful and advised the following;
- from the logs we don't have any reason to believe this was anything other than a slight glitch telling you that you had already read it
- you've mentioned you've changed your password, but just in case (and for anyone else reading this), you can do that here
- if you do feel like your account is being misused, please email support@pistonheads.com and they will be able to help you further.
Thank you.
Jack Mansfield said:
Hi Tony,
<stuff>
@Jack Mansfield<stuff>
Firstly - the first thing I did that day was to change my password - so I'm happy that the account should be secure - but.....
The worrying part is; I received an email to say my password had been changed (invoked by Big Al) and in said email was a new password.
However... Following this change, I was still able to login using the new password I had set myself hours before.
Also - it didn't log me out as one would expect, so even if someone does have access to my account, they could seemingly continue to use my login.
Taita said:
So requesting a new password / receiving a link saying 'Your password has been reset' doesn't invalidate your existing session cookie server side?
Nope. I was able to carry on as normal.TonyRPH said:
Jack Mansfield said:
Hi Tony,
<stuff>
@Jack Mansfield<stuff>
Firstly - the first thing I did that day was to change my password - so I'm happy that the account should be secure - but.....
The worrying part is; I received an email to say my password had been changed (invoked by Big Al) and in said email was a new password.
However... Following this change, I was still able to login using the new password I had set myself hours before.
Also - it didn't log me out as one would expect, so even if someone does have access to my account, they could seemingly continue to use my login.
Taita said:
So requesting a new password / receiving a link saying 'Your password has been reset' doesn't invalidate your existing session cookie server side?
Nope. I was able to carry on as normal.Gassing Station | Website Feedback | Top of Page | What's New | My Stuff