I have noticed that if I change the password for globeadmin in the config file and then re-attempt to log in, nuBuilder will not recognize the updated password in the config file, instead it appears to be using the previously used password that is either in the Session or a cookie. If I close the browser completely and re-open the login page, then it reads the config again. This is a security problem as cookies are frequently compromised by malware.
This problem doesn't seem to happen with normal non-globeadmin users. Nevertheless password shouldn't ever need be stored in cookies or sessions.
Welcome to the nuBuilder Forums!
Register and log in to access exclusive forums and content available only to registered users.
Register and log in to access exclusive forums and content available only to registered users.