Open
GB
Nobody assigned yet
Users remain logged in indefinitely, even after sessions should have expired. This creates a security risk for shared devices. The session management system should enforce token expiry and re-authentication.