Limit session length for high assurance sessions
Reduce the risk of account takeover in high assurance sessions by limiting session length
Reduce the risk of account takeover in high assurance sessions by limiting the length of the session. After the specified length of time, end-users must re-authenticate.
Use the glide.zta.high_assurance.session.timeout system property to set a time, in minutes, after which users must re-authenticate. The value of this property must be between 1 and 480 minutes. Consider limiting this value to 30 or lower to reduce the risk of account takeover.
More information
| Attribute | Description |
|---|---|
| Technical configuration name | glide.zta.high_assurance.session.timeout |
| Plugin applicability | Zero Trust - Continuous Authentication (com.snc.zero_trust_continuous_authentication) |
| Security risk | Shorter session lengths reduce the risk of account takeover by forcing users to re-authenticate. |
| Common Vulnerability Scoring System (CVSS) score | 3.3 |
| Common Vulnerability Scoring System (CVSS) rating | Low |
| Functional impact | Users in high assurance sessions must re-authenticate at the interval set by this property. |
| Dependencies and prerequisites | None |
| Data type | Integer |
| Base system value | 30 |
| Fallback value | 30 |
| Recommended value | 30 or lower |
To learn more about adding or creating a system property, see Add a system property.