Knowledge Base/Official Insight Help/Security, Backup and Hosting
Can I extend the session timeout?
Justin Ruffell-Ward - Insight Support
posted this on December 10, 2010 16:42
The session timeout (the time of inactivity it takes before you're logged out) is a tradeoff between convenience, security and performance.
Longer sessions may be more convenient, but at the risk of reduced security (people often just walk away from their PCs), and reduced site performance, as the web server needs to keep track of more open sessions.
Presently, timeout occurs after about 20 minutes of inactivity. Sometimes this is less, because if the web server is under increased load it will reduce the timeout for a while to improve access speed.
The 20-minute inactivity limit is pretty much an industry-standard convention, chosen to balance these competing objectives. Long activities like creating an article or a mailing should always be recovered when the user logs back in.
Comments
It would be nice if you let us, the end-user, make the security decision for ourselves and have the option of extending our time-out time. Many of us are in a very secure setting of a church and would benefit from having this option.
I agree. I am a receptionist and often get distracted by the phone or visitors when making entries in the calendar and it is very frustrating
The session time-out isn't just a security issue, leaving sessions open uses up server resources impacting performance.
Most areas will recover your work when you login after a session time-out e.g.the document editor, so nothing is lost. Is it specific areas where this is more annoying, or is it generally having to login that people find frustrating.
i agree with Natasha, i'm a receptionist also and when i get interrupted it is very frustrating to have to log back in. it seems that if we your customers are requesting this that your company would be more accommodating.
I too work in a more secure part of our church building, and am in the habit of locking my mac/PC desktop whenever I leave it. It's not just the fact that I have to log in *again* that gripes - it's the fact that usually this is during a phone call and I'm having to do it one-handed in a hurry while the caller tells me what date/time they can do, and it slows everything down.
It would make more sense to me if we make sure all connections are over HTTPS and give the end users the choice to take over our end of the responsibility for security.
The issue isn't just security, it's performance - open sessions take up server resources. We are aware this is a common request though and will see what can be done to improve this area.
Facebook has a few users now. Do they timeout?
As long as my work is recovered then I don't really care about re-logging in.
What is frustrating is that I have had to re type numerous emails. THAT is why the session timeout bothers me (Now I just use Word to type emails and I copy paste into Web Office)
When you go to send a mailing and the session times out (so you have to re-login then it should still send the mailing. Is this not the case for you Cameron? If so please contact support stating the browser you're using and we'll look into it.
i use firefox, and while writing and editing within the back office -- so i can see what newsletter will look like on the page, it is totally frustrating. It doesn't log me out... it just lets me keep going.. and if i get on a roll, and don't manually save it in time, i've lost all my changes after i log back in..I've been asking for this for years, and wish you could come uo with an auto save every 10 min or so... my computer automatically does this, wondering why you can't do this too.