Bitbucket Cloud: BCLOUD-4270

Cached authentication credentials

    Description

      If the user's Bitbucket password has changed, it should disable access using any stale cookies/cached credentials so that, if leaked, they can no longer be used.

      Also, there should be a request for the current password to confirm that the cached credentials aren't being abused to easily change the password.

      One way this might happen is for someone to distribute a VM with browser web history which a malicious user could then exploit to subvert an existing account. The mitigation would be that 1) that malicious user wouldn't be able to change the password without also knowing the password, and 2) once the legitimate user realizes this, she can change the password or clear out any cached authentications.

      I realize this might change the session handling process, but perhaps these should be ephemeral anyway?

      David
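The two mitigations the issue asks for (stale sessions die when the password changes; changing the password requires the current password) can be implemented together by stamping every session with a per-user "credential generation" counter. The following is an added example written for this page, not Bitbucket's own code: the user and session stores are in-memory dictionaries, the class and method names (`AuthService`, `credential_generation`, `revoke_all_sessions`) are hypothetical, and the password hashing uses the standard library's PBKDF2 with an iteration count chosen only to keep the example fast.

```python
"""Session invalidation on password change, plus current-password confirmation.

Added example (not Bitbucket code). Stores are in-memory dicts; a real
deployment would back them with a database and a cookie/session store.
"""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed value for the example; tune for production separately.
PBKDF2_ITERATIONS = 100_000


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


@dataclass
class User:
    name: str
    salt: bytes
    pw_hash: bytes
    # Incremented on every password change or explicit "log out everywhere".
    # Each session records the value it was issued under; a mismatch means stale.
    credential_generation: int = 0


@dataclass
class Session:
    user: str
    generation: int


class AuthService:
    def __init__(self) -> None:
        self.users: Dict[str, User] = {}
        self.sessions: Dict[str, Session] = {}

    def register(self, name: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[name] = User(name, salt, _hash_password(password, salt))

    def _check_password(self, user: User, password: str) -> bool:
        # Constant-time comparison of the derived hashes.
        return hmac.compare_digest(_hash_password(password, user.salt), user.pw_hash)

    def login(self, name: str, password: str) -> Optional[str]:
        user = self.users.get(name)
        if user is None or not self._check_password(user, password):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = Session(user.name, user.credential_generation)
        return token

    def current_user(self, token: str) -> Optional[User]:
        """Resolve a session cookie; a session issued before the last
        password change or revocation is treated as absent and dropped."""
        sess = self.sessions.get(token)
        if sess is None:
            return None
        user = self.users[sess.user]
        if sess.generation != user.credential_generation:
            del self.sessions[token]
            return None
        return user

    def change_password(self, token: str, current_password: str,
                        new_password: str) -> Optional[str]:
        """Mitigation 1: a live session alone is not enough; the caller must
        also present the current password. On success every existing session
        (including the caller's) is invalidated and a fresh token is returned."""
        user = self.current_user(token)
        if user is None or not self._check_password(user, current_password):
            return None
        user.salt = os.urandom(16)
        user.pw_hash = _hash_password(new_password, user.salt)
        self.revoke_all_sessions(user.name)
        return self.login(user.name, new_password)

    def revoke_all_sessions(self, name: str) -> None:
        """Mitigation 2: 'clear out any cached authentications' without
        changing the password. Bumping the generation orphans every session."""
        self.users[name].credential_generation += 1
```

Binding sessions to a generation counter rather than deleting them one by one means a leaked cookie (the "browser history in a distributed VM" case from the report) stops working the instant the legitimate owner either changes the password or hits "log out everywhere", regardless of where the cookie was copied to. The check happens on every request in `current_user`, so no separate cleanup job is needed.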

People

  jespern
  legacy-bitbucket-user (Legacy Bitbucket Cloud User, Inactive)