How can the Azure portal be improved?

← Azure portal

Auto logout after period of inactivity

Create option to auto-logout from portal after period (configurable) of inactivity.

25 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Peter Thomas shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

10 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Paulie commented  ·   ·  Flag as inappropriate

    This control is a FISMA requirement. Please implement in Azure Gov ASAP.

    Thanks Paul

  • Martin Schvartzman commented  ·   ·  Flag as inappropriate

    This option is now available in the Azure portal for Tenant/directory administrators.
    Click the portal settings (gear) icon and then click the 'Configure directory level timeout'. Enable the feature, set a time span (hours and minutes) and click Apply.
    Once configured, the changes will take effect after a logout/login and all users of the tenant will see a message in the portal settings pane.

  • AndyB commented  ·   ·  Flag as inappropriate

    It is a security requirement for our organization. Please include this change in a global setting.

  • Pat commented  ·   ·  Flag as inappropriate

    It would be great to be able to base this off roles and groups too. For example on our normal user accounts we have limited prod access and could be more lenient on the timeout. On our separate admin accounts with elevated access it would be great to be able to have a fairly restrictive policy. Especially on co-administrator and global administrator accounts.

  • Donnie Byrd commented  ·   ·  Flag as inappropriate

    I agree this should be a global setting. We came across this issue during a PCI compliance audit.

  • [Deleted User] commented  ·   ·  Flag as inappropriate

    Agree, there should be a global inactivity setting for it.

    We just got a pen test report which said that the auditor had inactivity sign out set to Never (the default).

    I would like to change it to at the AD level to 5 minutes.

    How to do this?

  • Anonymous commented  ·   ·  Flag as inappropriate

    It is a security requirement for many organizations to enforce inactivity timeout periods for users/administrators in on-premises, hybrid, and Azure environments; however, it is not possible to meet this security requirement when it comes to the Azure Portal and this is a problem. If security is a priority please make that option available.

Azure portal: Other

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice