Automatic logout is a built-in security feature in itslearning designed to safeguard against unauthorised access during periods of inactivity.
Administrators can adjust the automatic logout duration in site profiles, or they may apply varying inactivity thresholds to groups and individual users through a policy.
For profiles with the hierarchical role of 'Administrator', the default timeout period is set to 30 minutes, while for other profiles the default is 80 minutes. Users receive a warning dialogue 20 minutes before the inactivity threshold is reached and can choose to remain logged in.
The maximum allowed inactivity duration is 8 hours. For privacy and security reasons, we recommend keeping this time as short as possible, especially in environments where shared devices are used and unauthorized access is possible. However, if users mostly use their own devices or shared devices that require separate sign in, the logout time can be extended.
Activity is detected by user actions that prompt communication with the server, such as saving changes or navigating to a new page within itslearning. There are instances where user activity might not be consistently detected, such as when users are engaged in external tools, O365 documents, or when browsing reports or grading tests for extended periods.