Someone else is logged in and I want to watch Kingdom. Should be a simple password change but apparently it takes 8 hours to log out all devices. How is this so slow wtf?
Kingdom was great. Last Kingdom is also great.
Vikings is also great
Still a valid question I want to know the answer too. Why can’t they just revoke all tokens?
What if the OP is a spoofer and not a legitimate user. Netflix needs to verify that the OP is the real user. This is a classic Account take over scenario, generally companies solve this by 2 factor authentication, but historically we never had 2 factor for Netflix because we are not a bank and ppl are not that concerned about sharing Netflix passwords and it helped us too in a way it's easy to login and stuff. Also due to COVID, customer support is overloaded and they had to adjust to this new routine.
What? If u change pw as OP said, all access and refresh tokens should be immediately invalidated. The very next api call will return 403. Why not? At least that’s how my product’s oauth service works.
The issue is that the scammer might be the one requesting the password change. But I don't know how 8 hours solves that.
@Gigf86 what you said exactly happened. The fraudster hacked and took over OPs account and changed the password, and so OP can't log in anymore.
Yes. But what's the 8 hours for?
I can still log in BTW
@cpernick it's probably because of overloaded customer support
@Cpernick first thing when you call CS about this type of issue, they need to make sure you are legitimate and it's really your account, for that there are few things they do. Usually its matter of few minutes, but as I said due to these unprecedented times, there is a huge load on CS mostly for this account take over issues.
This is a legacy issue. In most cases, almost all in fact, it will go much much faster - seconds or minutes. There are some legacy devices, talking 10 years old or so, that take longer because of ancient architecture that can no longer be updated. Since most customers have no idea the age of their device or what model it is or whatever we have to say up to 8 hours, but realistically it will almost never take that long.
Why did you give them your Netflix login?
Don't know how they got in. I used a dumb password so probably they pulled it from a list somewhere.
Use lastpass