Problem: Sessions last forever. Shared computers (labs/schools) pose risk—next user accesses abandoned account. Non-compliant with security standards (30-min timeout).
Proposed Solution: Implement 30-minute idle timeout + 24-hour absolute timeout, auto-logout with UI warning, session keep-alive heartbeat.
Problem: Sessions last forever. Shared computers (labs/schools) pose risk—next user accesses abandoned account. Non-compliant with security standards (30-min timeout).
Proposed Solution: Implement 30-minute idle timeout + 24-hour absolute timeout, auto-logout with UI warning, session keep-alive heartbeat.