Administration Interface Session Timeout
EFT incorporates an internal 15-minute timeout for administrator connections via the administration interface connections with high security-enabled Sites. On Sites defined using "strict security settings," if no activity (such as OnMouseClick) occurs after 10 minutes of inactivity, a warning message and countdown timer appear; after 15 minutes, the administrator account is disconnected from EFT. The timer resets if you click Continue; if no activity occurs, the timer expires, and the administration interface disconnects from EFT. Any non-committed changes are discarded.
The timer resets if you click Cancel; otherwise, if no activity occurs, the timer expires, and the interface disconnects from EFT. Any non-committed changes are discarded.
This is different from the Enable Timeout value set for the user and Settings Template.
To change the timeout
-
In the administration interface, connect to EFT and click the Server tab.
-
On the Server tab, click the Server node you want to configure, and then click the Administration tab.
-
Click an EFT-managed administrator account, and then click Account Policy. The Account Security Settings dialog box appears.
-
Select the Disconnect admin accounts after check box, then specify the minutes of inactivity you need. The timeout is off by default for non-high security enabled Sites. Changing the timeout to more than 15 minutes violates PCI DSS, so you will need to document the reason/compensating control if you have a high-security-enabled Site.
Related Topics