Improve security via timeout and/or workstation lock

David Anderson shared this idea 4 years ago
Declined

Right now, once I authenticate to my database, I am connected until I disconnect. I would like to be able to have my session timeout or, even better, be able to detect when my work station locks, and then remove authentication for the existing connections which are so configured.


For example, for the timeout:

I set up a connection to my server, I select 'as for password each time'.

I select something like 'expire session after 30 minutes idle'.

Then I connect, and I input my password.

Then I work on the connection for a while.

I stop working, and don't come back to nosqlbooster for 30 minutes.

When I come back, I can no longer run queries against the connection until I re-authenticate.


or, an example for the workspace lock:

I set up a connection to my server, I select 'as for password each time'.

I select something like 'lock connection when locking the computer or switching the user'.

Then I connect, and I input my password.

Then I work on the connection for a while.

Then I lock my computer to head to lunch.

When I unlock my computer when I come back, I can no longer run queries against the connection until I re-authenticate.


I suspect this wouldn't be a trivial feature to implement, but from a security perspective, I would really appreciate it. Of the two, I think the lock computer is more useful, as you can already configure your computer to lock after being idle for a specified amount of time, so it could basically do both.


Thanks for your consideration.

Replies (1)

photo
1

Thank you for your advice.

I would like to ask, why can not directly use the operating system's built-in lock screen timeout feature? After all, the operating system already has this feature, and there seems to be no need to reinvent it again.

Leave a Comment
 
Attach a file