id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
21517	Password protected posts have too long lifespan	Clorith		"When creating a password protected post the access permissions are stored with cookies using wp-pass.php which defaults to 10 days.

This is too long of a lifetime for a protected page as subsequent visits within that timeframe allows anyone access to the protected content.

Ideally this should be a user definable value, either set per post, or on a global level for that WP instance."	defect (bug)	closed	normal		Security	3.4.1	normal	duplicate