Administration Interface Session Timeout

EFT incorporates an internal idles timeout of 5 minutes for administrator connections via the administration interface connections with high security-enabled Sites. On Sites defined using "strict security settings," if no activity (such as OnMouseClick) occurs after 5 minutes of inactivity, a warning message and countdown timer appear. The timer resets if you click Continue; if no activity occurs, the timer expires, and the administration interface disconnects from EFT. Any non-committed changes are discarded.

This is different from the Administration Interface Session Timeout value set for the user and Settings Template.

To change the timeout

  1. In the administration interface, connect to EFT and click the Server tab.

  2. On the Server tab, click the Server node you want to configure, and then click the Administration tab.

  3. Click an EFT-managed administrator account, and then click Account Policy. The Account Security Settings dialog box appears.

  4. Select the Disconnect administrator accounts after check box, then specify the minutes of inactivity you need. (In versions prior to 8.0.5.8, the check box is cleared by default for non-high security enabled Sites.) Changing the timeout to more than 15 minutes violates PCI DSS, so you will need to document the reason/compensating control if you have a high-security-enabled Site.

  5. Click OK to save the changes.

Related Topics