I was posting my first password protected blog post yesterday. I added a lot of photos to that post using the WP media manager. Well, everything looked good - I couldn't read the post without entering the password. But then I tried opening a photo from the post directly in another browser (where I hadn't entered the password) - and I could see the photo without entering the password.
Is this normal behavior? I would think it would be logical that in a protected post everything that belonged to that post (attachments, photos, etc.) would also be protected.
Any news on whether this is a known problem that is being worked on? Or is there anybody that can provide a solution to prevent this - so people are asked for a password also on pages for individual photos?
There is a chance that I just need to add something to my theme - I based it on the default Kubrick theme when I started my blog (early 2006).