Is there a vulnerability in the system?
Is there a vulnerability in the system?
I just updated my password on Pandora, but I still keep seeing the Linkin Park station added. After changing it, I didn’t need to enter a new password on my phone—I could continue playing music and managing stations without any trouble. I’m really surprised this issue went unnoticed for so long. Could you let them know about this? And there’s more. I also changed my Hotmail email password on my desktop, and I can still receive and send emails on my smartphone, even using the Windows 8 Metro app. My guess is that when you log into an app on a device, your account gets a unique hash, which sends to your phone for login. If your password changes, the hash stays the same, allowing access. Any suggestions?
When a device logs in automatically, there’s no verification of whether the password it uses is still valid in most apps. This represents a significant security weakness; the issue needs attention and fixing.
I think this feature functions only on mobile devices. On a standard web browser, you must input your password and username each time.