Version 4.7.1

Hi

I've just come across what I think is a bug with the single user public access. Would be grateful if somebody could confirm this isn't expected behaviour.

To replicate

• Right-click page > select Public Access > Single user protection
• Enter username and password (and other settings)
• At this point everything works as expected, logging in the website is fine
• Go back to the page Right-click page > select Public Access > Single user protection
• Change the password and save
• Now when trying to log in with the new password it is unsuccessful, the old password stil works (bug 1)
• Go back to the page Right-click page > select Public Access > Single user protection
• Change the username and the password
• Log into the website with the new username/password works fine but the old username/passwor also still works (bug 2)
• I've tried changing the username/password many times and it essentially keeps adding new users who have access, it never removes access

To get around this issue I've resorted to using role based access which works fine. However in my understanding this is a bug and not a feature. The reason why we use single user protection for our clients is for simplicity. They can easily set a universal username/password for a section of the site. With this bug the password can never be changed and when a username is changed the previous username will still work.

Thanks

Ben