Extend amount of time before system times user out
Please extend the amount of time from one hour to at least four hours before Gifts Online times the user out. It can be very frustrating for a user when he or she is in the middle of working and doesn't realize they are about to be timed out of the system.
As it can be difficult to meet all organizations' needs, another, perhaps more viable, option would be to make this a global setting that each organization can configure for their own needs based on internal processes and procedures. A setting which would be limited to the Administrator only.
-
Jen Hammerstrom
- Feb 16 2017
- Will not implement
-
Aug 26, 2022
Admin response
Thank you everyone who has upvoted and commented on this idea. I have marked it "Will not Implement" - I think we've left this one hanging without a proper response for long enough! - but I wanted to explain why.
Since this idea was first submitted, a few things have changed:
The world has changed - grantmakers, software makers, and in general, everyone is even more conscious of the security benefits of timing out an inactive user session. This has become a standard best practice that we consider a responsibility as your software vendor to employ in order to keep your data safe.
Our product has changed - the timeout has been extended to 90 minutes in some cases, as part of our move to use Blackbaud ID in 2021 in place of the old login system.
We're also getting smarter about how we handled inactivity timeouts - starting with doing a better job tracking "inactivity" when we moved to SKY view in 2021. In 2022 and beyond, we're going to continue improving this. We have plans to improve the way the inactivity timer works in the Forms Manager and Form Designer next, so it's much less likely to time out there, and gives you a better user experience when it does.
Not everyone may agree, and I appreciate that it can be frustrating to be signed out when you had something open. Please continue to let us know if you think there's something we can do better to improve your experience, and we'll continue to make sure we respond to that feedback without sacrificing on security. Thank you!
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- +10
Related ideas
I voted to extend the time. I don't think one hour is long enough.
I disagree with extending the time. For security reasons we set all computers to lock and require a password after 20-30 minutes of inactivity. Which has greater security risk, the PC or GO database? If the browser is open, It takes less than 5 seconds for me to enter login and password.
I like the idea to give the individual organization control over the time-out period, albeit up to a certain point like 4 hours.
I saw Tom Neuerburg's explanation for the 1-hour timeout but want to add my voice to those requesting flexibility--at least for universal users if not for all of our "view only" colleagues. I keep GIFTS open all day long and refer to it intermittently throughout the day. It's quite annoying to have to log back in several times a day when I need to check a number or answer a question. Security is already taken care of by the fact that IT has set up the network to require that I re-enter my password if I don't touch my computer for just 15 minutes. So even a 2-hour or 4-hour time-out period would be an improvement.
Thanks for posting this. I really like the idea of each organization being able to set their own time-out parameters. I definitely understand the need for security and some orgs may want an even shorter time for inactivity.
We would benefit from a longer time-out period. I frequently get called away for more than an hour in the middle of working in GO and while I'm usually pretty good about saving my work (usually, not always), I still end up having to figure out what I was in the middle of when I log back in to GO.
I vote to also extend the time.
Thank you.