12May
Is allowing users to sign out of all other sessions good or bad?
I'm not really sure if this feature is a good security idea, but would it be good to allow a user to sign out of all other sessions? Or would this be a bad idea, because I see a good amount of pros, but there is one con that bothers me.
Pros:
- Sign out of all other sessions to make sure your account hasn't been brute forced or pged.
- Sign out of all other sessions because you left yourself logged in on a public computer.
Con:
- Somebody gets into the account and signs out of all other sessions.