Short session timeouts

Short sessions are a security feature that protect your ScheduleOnce account from unauthorized access. With Short sessions enabled, an automatic timeout is triggered after a period of inactivity.

By default, ScheduleOnce can automatically keep accounts signed in for up to 14 days. This is a convenience mechanism for Users who typically access their account from home and do not share their devices with other individuals.

If you share your device, or you access your account from a public location, automatic sign-in is not recommended. For example, if you work in an office with heavy footfall and your account remains logged in at an unattended desk, there is a risk that an unauthorized individual could gain access to your computer.

To prevent automatic sign-in, you should enable Short sessions. With Short sessions enabled, your account will automatically timeout after a period of inactivity. We recommend setting the maximum idle session duration to 30 minutes. In this case, any action performed after 30 minutes of inactivity will automatically redirect you to the login page and prompt you for your login details.

To use Short sessions, you should login to your ScheduleOnce account as an administrator and navigate to Account >> Security >> Session policies >> Edit and enable the setting. If a short session duration is part of your organizations information security policy, you can use Short session settings to enforce this for all Users across the account. 
 

Rate this article