Scott, We used OpenKiosk, with a setting to automatically clear out all cached settings every few minutes of non-use to resolve this issue. We also have a "Log Out" Button (configurable through OpenKiosk) to allow users to manually clear out their session information. This issue has popped up on many ILS's/Kiosk situations, not just Koha. Open Kiosk is a free plugin for firefox, available here: https://www.mozdevgroup.com/clients/bm/ Christopher Hyde Information Technology East Brunswick Public Library Message: 7 Date: Thu, 4 Nov 2010 14:18:41 -0400 From: "Scott Kushner" <skushner@mtpl.org> Subject: [Koha] Koha security issue. To: <koha@lists.katipo.co.nz> Message-ID: <3F5DBA7C1433624D870AF4F965358FD660E6B2@exchange.mplmain.mtpl.org> Content-Type: text/plain; charset="us-ascii" We are using mozilla firefox 3.5.4 for Koha access for our patrons. After one patron is done and walks away, the next patron can use the "back" button to access the previous patron's records-if 6 patrons have used this workstation, all of their transactions can be seen by the last patron. Has the new release of Koha addressed this security issue. Does anyone have a "one-patron session" fix for this? Thanks, Rod Alberse Information Technologies Middletown Township Public Library(MTPL)