I was trying to logout of my Fido account in order to see the phones in store. The website asks to either upgrade the device or logout from your account if you want to see the Phones section on the website (strange).
Anyways... I am logging out but then when I click on the Phones section of the website I get the same popup message asking me to either upgrade my device or logout (I already did the logout)
This is a programming bug. When you do the logout the session identifier is not properly cleared from the browser so your session is still active in the background.
I think in order to do a real logout I would need to clean all the cookies and session junk in my browser.
Nobody wants to do that because you lose all sorts of other important history data.
The issue is also that if the session_id is not properly destroyed it can also be exploited in maleficent ways.
Please revise the issue and let me know if this is the case. I am really concerned about the security risks.
Solved! Go to Solution.
thank you for the fast reply.
It actually worked today. and I did not have to clear my history in the browser.
Great. that was a quick fix.
When it first happened I tested repeated times, maybe 10, 11 times with browser restart and even PC restart.
In the meanwhile I tried again now and it just worked.