ledgerconnect / steemconnect

Signer app for Steem
https://steemconnect.com
MIT License
159 stars 88 forks

Steemconnect session is maintained even when password is changed externally #359

Closed economicstudio closed 5 years ago

economicstudio commented 5 years ago

I've changed my master password on Steemit.com, but the Steemconnect session was maintained. For instance, I can still use Busy.org (which uses Steemconnect for its login session) without logging in again. This would be a vulnerability when a password is actually hacked. All sessions should expire on a password change.

economicstudio commented 5 years ago

https://steemit.com/utopian-io/@blockchainstudio/steemconnect-sessions-should-expire-when-a-password-is-changed

bonustrack commented 5 years ago

This is solved in the new version of steemconnect at https://beta.steemconnect.com/. Access tokens are now created on the front end by signing a message with the user's Steem account key. If the user changes his key, the access_token will no longer pass validation on the SteemConnect API. Feel free to open another issue if you are still having issues.
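
The mechanism described in the last comment, as an added example that is not part of the thread and is not SteemConnect's code: a token that is a message signed with the account key, validated against the key currently on record, stops validating once that key is changed. The token layout, the `accountKeys` map standing in for on-chain account data, and all function and account names are assumptions for illustration.

```javascript
const crypto = require('node:crypto');

// Constructed stand-in for on-chain account data: account name -> current public key.
const accountKeys = new Map();
const newKeyPair = () => crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });

// Front end: the token is a message signed with the user's account key (assumed layout).
function createToken(account, app, privateKey, ttlSeconds = 3600, now = Date.now()) {
  const claims = { account, app, exp: Math.floor(now / 1000) + ttlSeconds };
  const payload = Buffer.from(JSON.stringify(claims));
  const signature = crypto.sign('sha256', payload, privateKey);
  return `${payload.toString('base64url')}.${signature.toString('base64url')}`;
}

// API: no stored session; each request is verified against the key on record right now.
function validateToken(token, now = Date.now()) {
  const reject = (reason) => ({ valid: false, reason });
  const [p, s] = String(token).split('.');
  if (!p || !s) return reject('malformed');
  const payload = Buffer.from(p, 'base64url');
  let claims;
  try { claims = JSON.parse(payload.toString('utf8')); } catch { return reject('malformed'); }
  if (!claims || typeof claims.account !== 'string') return reject('malformed');
  const currentKey = accountKeys.get(claims.account);
  if (!currentKey) return reject('unknown account');
  let ok = false;
  try { ok = crypto.verify('sha256', payload, currentKey, Buffer.from(s, 'base64url')); } catch { ok = false; }
  if (!ok) return reject('signature does not match current account key');
  if (typeof claims.exp !== 'number' || claims.exp * 1000 <= now) return reject('expired');
  return { valid: true, account: claims.account };
}

// Scenario from the issue: token issued, then the account key is changed elsewhere.
function demo() {
  const oldKeys = newKeyPair();
  accountKeys.set('alice', oldKeys.publicKey);
  const token = createToken('alice', 'example.app', oldKeys.privateKey);
  const beforeChange = validateToken(token);
  accountKeys.set('alice', newKeyPair().publicKey); // key rotated outside the app
  const afterChange = validateToken(token);
  return { beforeChange, afterChange };
}

console.log(demo());
```

Revocation in this design depends on the validator reading the current key on every request; a validator that caches the key keeps accepting old tokens until its cache refreshes.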