Hi
Good question. You can’t without making changes to the BuddyPress files, which we wouldn’t recommend. This is a great idea for a feature enhancement so I’ve gone ahead and opened a ticket. We’ll have it fixed for BuddyPress 2.6 (I’m working on the patch right now).
Thanks for the suggestion!
See https://buddypress.trac.wordpress.org/ticket/6961
I’ve added Secure cookie support, but not HttpOnly because some (maybe all) are accessed with Javascript; I haven’t time to audit all the cookies in that level of detail at the moment, so maybe we can do that in the future if someone helps investigate.
well we are making changes to the core of buddypress because in the settings of the profile user you can change the password but we have a plugin for policies about the password and we want to only use this for change the password
this is another tip for future versions of BP that you can use the core of the change password and not the BP
so dont worry if you tell me where is located this cookie we can set secure an make some test in the weekends because our site start to be auditing by third part with acunetix and they found some vulnerabilities maybe you can use this for audit the BP we are using BP and WPLMS template
Thnaks for the reply Paul
