I am strongly opppsed to forced logouts because Idon’t think forced loggouts are going to improve manager. It’s going to ruin the experience, unless it’s left to the user to set the connection parameters, which would be great.
Not everyone has the same priorities with respect to security vs efficiency.
Forced logouts means more logins means less work time, more forgetting of password, more time the user spends with our IT guys … etc.
Personally I value efficiency over security for everything other than my bank login details. In fact I have never used an antivirus on windows for about 20+ years now.
You can view the sessions for every administrator account and log them out.
Imo, forced logout deal will only help when someone temporarily forgets his laptop logged in in an unattended place and someone else takes advantage.
And to be honest, most of us work in closed offices so that’s not really an issue, unless the hacker physically breaks in to our office, in that case permanent login is the least of our problems.
However, I can still see some room for more global security settings. Like, a global view for sessions, “close all sessions” button, lock accounts and send password reset instruction by email and most importantly a superuser account to be activated from control panel only.
BTW, I am not a fan of change passwords every so abd so days, and this is my opposition to that even before someone else suggested it