Title: Security Bug? After timeout log
Last modified: September 28, 2016

---

# Security Bug? After timeout log

 *  Resolved [mg](https://wordpress.org/support/users/marcgeldon/)
 * (@marcgeldon)
 * [9 years, 8 months ago](https://wordpress.org/support/topic/security-bug-after-timeout-log/)
 * I really like your plugin and it’s a big helping tool for me.
 * But I have the following problem: if I switched to a user and this user gets 
   logged out (because of the timeout), the plugin offers me to switch back to “
   Administrator” on the login page.
 * Have a look at the screenshot: [http://fs5.directupload.net/images/160928/vn8zg8zf.png](http://fs5.directupload.net/images/160928/vn8zg8zf.png)
 * Now I click on “Switch back…” and I am logged in as the administrator.
 * I think this is a security bug? Or is it a feature?
 * Hope to hear from you soon.
 * Kind regards,
 * Marc

Viewing 1 replies (of 1 total)

 *  Plugin Author [John Blackbourn](https://wordpress.org/support/users/johnbillion/)
 * (@johnbillion)
 * WordPress Core Developer
 * [9 years, 8 months ago](https://wordpress.org/support/topic/security-bug-after-timeout-log/#post-8244536)
 * Thanks for the message, [@marcgeldon](https://wordpress.org/support/users/marcgeldon/).
   The reason this functionality exists is so you can use the ‘Switch Off’ functionality
   and then switch back again.
 * When you switch to a user, User Switching’s cookies (which remember the user 
   you switched from) should have the same expiration time as the main auth cookie(
   two days if you didn’t check the “Remember me” checkbox when you logged in).
 * I’ll test this functionality to make sure it’s behaving as expected.

Viewing 1 replies (of 1 total)

The topic ‘Security Bug? After timeout log’ is closed to new replies.

 * ![](https://ps.w.org/user-switching/assets/icon.svg?rev=3193956)
 * [User Switching](https://wordpress.org/plugins/user-switching/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/user-switching/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/user-switching/)
 * [Active Topics](https://wordpress.org/support/plugin/user-switching/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/user-switching/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/user-switching/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [John Blackbourn](https://wordpress.org/support/users/johnbillion/)
 * Last activity: [9 years, 8 months ago](https://wordpress.org/support/topic/security-bug-after-timeout-log/#post-8244536)
 * Status: resolved