function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Yvonne-Ban-AirYvonne-Ban-Air 

How to control Session Time out and Lockout effective period?

We currently selected default session time out for 2 hours

 

Lockout effective period for 30 min

 

 

However, every 30 min, an pop-up window will ask whether we want to continue working or logout.

 

Therefore, I assume it is controlled by the Lockout effective period. But what confuse me is the Lockout effective period can only select 15min, 30min, 60min or never (must reset by admin); but session time out can select a longer time. What are they actually for?

 

2 hours auto log out would be the best for us. How do I control these two options to achieve this? 

 

 

Any information would be very much appreciated!

Best Answer chosen by Admin (Salesforce Developers) 
prageethprageeth

1. Yes. you need to adjust Session Timeout to control the system auto log out period.

 

2. A "locked out effective period" is used to prevent unautorized users trying to login continuously using incorrect passwords. Because the system is locked for a certain time after several incorrect attempts, an unautorized user can't continuously try to log-in. 

 

All Answers

prageethprageeth

 

Hi;

  Lockout effective period has no relationship with Session Timeout. It is the time period for which the users account is locked if He/She entered invalid passwords for several times.

 

In order to change the  Session Timeout value;

 

   Setup -> Security Controls  (In "Administration Setup" area) ->  Session Settings 

    

In order to change the Lockout effective period; 

 

  Setup -> Security Controls  (In "Administration Setup" area) ->  Password Policies

 

Yvonne-Ban-AirYvonne-Ban-Air

Hi,

 

I don't understand why locked out effective period has time limitation? (15/30/60minutes...)?

 

 

Do you mean I should use Session Timeout Setting to control the system auto log out?

 

 

 

prageethprageeth

1. Yes. you need to adjust Session Timeout to control the system auto log out period.

 

2. A "locked out effective period" is used to prevent unautorized users trying to login continuously using incorrect passwords. Because the system is locked for a certain time after several incorrect attempts, an unautorized user can't continuously try to log-in. 

 

This was selected as the best answer
wema04wema04

Hi,

 

We got exactly the same problem. According to the answer above, lockout time has nothing to do with the problem. The solution means that session timeout needs to be set, but we have defined the session timeout to 2 hours as you did. So I can't understand why it still popups sessionout warning message every 30 min and how the solutions helps? 

 

Do I missunderstand something or needs something extra to config ? 

 

Thanks in advance.

  

Message Edited by wema04 on 12-09-2009 10:33 AM
Message Edited by wema04 on 12-09-2009 10:35 AM