Someone logged into my ChatGPT Plus account. I realized this by the new dialogs that appeared, which I did not create. So, I decided to change my password. But after entering the new password, nothing has changed. The hacker was still in my account and didn't log out.
I tried to change my password a second time and check if my other devices would log out. And it turned out that after changing the password, other devices do not log out, their session does not expire because of the new password. This is a big gap in your security system, and I don't understand how you allowed this to happen
Now I have to see how the hacker uses my Plus account, for which, of course, he did not pay, and there is nothing I can do about it. Brilliant
#Session doesn’t expire after password change
outer lichen