Details
-
Suggestion
-
Resolution: Fixed
Description
When a user closes the bitbucket tab without logging out first, he will stay logged in for days, meaning that everyone with access to this computer can just open bitbucket and is logged in as the previous user. This to me is a serious security flaw.
An option be added to the login form that allows you to disable the "stay logged in" feature.