Administration Interface Session Timeout

EFT incorporates an internal 15-minute timeout for administrator connections via the administration interface connections with high security-enabled Sites. On Sites defined using "strict security settings," if no activity (such as OnMouseClick) occurs after 10 minutes of inactivity, a warning message and countdown timer appear; after 15 minutes, the administrator account is disconnected from EFT. The timer resets if you click Continue; if no activity occurs, the timer expires, and the administration interface disconnects from EFT. Any non-committed changes are discarded.

The timer resets if you click Cancel; otherwise, if no activity occurs, the timer expires, and the interface disconnects from EFT. Any non-committed changes are discarded.

This is different from the Enable Timeout value set for the user and Settings Template.

To change the timeout

1. In the administration interface, connect to EFT and click the Server tab.

2. On the Server tab, click the Server node you want to configure, and then click the Administration tab.

3. Click an EFT-managed administrator account, and then click Account Policy. The Account Security Settings dialog box appears.

   

4. Select the Disconnect admin accounts after check box, then specify the minutes of inactivity you need. The timeout is off by default for non-high security enabled Sites. Changing the timeout to more than 15 minutes violates PCI DSS, so you will need to document the reason/compensating control if you have a high-security-enabled Site.

Related Topics

• Disconnecting Users on Timeout

• Logging Out of EFT

• Closing the Administration Interface