Y
Hacker News
new
|
ask
|
show
|
jobs
by
Vishnevskiy
3439 days ago
The normal token system revokes on password change, if you want to revoke and have extra security we offer MFA login which has unique tokens per login. If security is of importance to you then use MFA.
1 comments
lightedman
3439 days ago
Why are you not revoking tokens after session end across the board? Token re-use is one of the faster-rising security breach factors now days.
link