One User-ID Can be Used simultaneously by Several People At the same time

Is this a security ‘hole’?

Hello,

I could not replicate this issue. Even if I login into same account from another browser, first session is logged out automatically.

@umair It’s very strange… I’m using v6.18… Any ideas? Any configuration I missed?
I can login using same user email from different browser on other device… All is able to do transactions etc as usual but it’s done from different people on different devices using same user-id

Tks

Set deny_multiple_sessions as true in site_config.json

Btw, all site_config options should be in system settings… maybe time to make this.

2 Likes