Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Urgent: Customer able to login as another customer, how is that possible?

‎12-15-2018 06:04 AM
‎12-15-2018 06:04 AM

Urgent: Customer able to login as another customer, how is that possible?

magento 2.2.2.

 

A customer sent me a screenshot where she had logged in as another customer. How is that even possible?

 

Our configuration consist of 4 websites inside our setup. One website for norway, europe, denmark, sweden. All websites are separated with the store view code. Like mydomain.com/no for Norway

 

I'm not sure how she could logg in as another customer. I have tried to do the same and I get error saying incorrect password.

 

Another option is that she is just playing with me. She maybe has been in contact with the other customer and they have exchanged password. (maybe). I dont understand how that is possible. She was able to do it on hear smart phone. Maybe other customer have used the same phone earlier for loggin... I'm not sure--

 

any ideas how this is possible?

 

Labels:
0 Kudos
Reply
1 REPLY 1
‎12-15-2018 09:53 AM
‎12-15-2018 09:53 AM

Re: Urgent: Customer able to login as another customer, how is that possible?

Hi @Loginname,

 

There might be an issue with the Session ID (SID). It looks like the two customers have the same SID. 

 

To solve this issue, you need to wipe your session store. Follow these steps:

  1. Go to the Store > Configuration > General > Web > Session Validation Settings.
  2. Set the value of "Use SID on Storefront" to No.

 

0 Kudos
Reply