Reputation: 112
How can I invalidate old log in cookie in asp.net identity (forms authentication)
Our company has an old web forms site running. The problem we had was that in web.config the expiration of log in cookie was originally set for a year for some odd reason... We decided to change that to 7 days now.
So I updated the timeout value in web.config. That part is fine.. But the problem is that for users who had logged in before this update and if they had the remember me check box checked.. they are still able to log in with the old cookie.
Is there a way I can force everyone to log in again?
Thanks in advance! :)
Upvotes: 1
Views: 253
Answers (2)
Reputation: 35544
If you change the name of the Cookie in the web.config file, the data does not match the one stored on the local computer and the user is invalid and will be required to login again.
<authentication mode="Forms">
<forms name="myNewCookieName" />
</authentication>
Upvotes: 1
Reputation: 47
Hy, You Can Try This. If It Can Help. I just Found it on the internet so if it can help you
Upvotes: 0
Related Questions
- Resetting authentification cookie
- Invalidate all authentication cookies in ASP.net CORE 3
- How to Invalidate AspNetCore.Identity.Application Cookie after user log out
- Invalidate Old Session Cookie - ASP.Net Identity
- invalidate aspx authentication cookie
- ASP.NET MVC - How do Remove log in Cookies from a asp.net site
- Asp.net Identity Expire Session Cookie
- Invalidate ASP.NET Identity 2.0 login without removing the application cookie
- asp.net delete cookie
- manually remove asp.net authentication cookies