Session Timeout in eCatalog


Proactive Session Management for Enhanced Security:

The Session Timeout feature in eCatalog is designed to automatically log out users after a period of inactivity. This security measure helps prevent unauthorized access and ensures that user sessions do not remain open indefinitely, especially in unattended situations.


How Session Timeout Works:


  • Default Timeout Settings
    The system is configured to automatically log out users after 20 minutes of inactivity. This duration serves as the default setting, providing a balance between user convenience and security.
  • Interactive Warning
    Prior to reaching the 20-minute mark, eCatalog will display a popup notification to the user, providing them an opportunity to indicate activity by clicking within the website. This interaction resets the inactivity timer, thus maintaining the session.


Customizable Timeout Parameters:


  • Warning Time
    Administrators can configure the timing of the warning popup, adjusting how long before timeout the warning should appear to prompt user action.
  • Lockout Time
    The total timeout duration can be adjusted to be shorter or longer than the default 20 minutes, based on organizational security policies or specific use case requirements.
  • Timeout Message
    The message displayed during the warning or at logout can be customized to provide specific instructions or information to the user, enhancing the user experience and clarity.


Benefits of Session Timeout:


  • Increased Security
    Automatically logging out inactive users reduces the risk of unauthorized access from unattended user sessions, particularly in shared or public environments.
  • Enhanced Control
    This feature gives administrators the ability to enforce session duration policies, which is critical for compliance with certain industry regulations that dictate strict data security measures.
  • User Engagement
    The warning prompt encourages active engagement from users, ensuring that they are actively using the system and not leaving sessions idle, which can be a security risk.


Implementing Session Timeout:


  • User Notification
    It is beneficial to inform users about the session timeout policy. Clear communication helps manage user expectations and explains the security rationale behind automatic logouts.
  • Configuration Access
    Administrators can configure the session timeout settings via the eCatalog’s security or session management dashboard. Here, they can easily set timeout duration, customize warning messages, and specify other related settings to tailor the feature to their needs.



eCatalog can be configured to logout when user is inactive, or has not been using the website for certain period of time.


Session time-out is 20 minutes by default.

Before reaching 20 minutes, system will pop-up box and prompt user to click website to avoid inactivity.