We have two databases here at work that we use constantly. Because we are in financial services security is a big concern, so both databases time out after a certain amount of inactivity, so that if someone should wander away from a computer no one will be able to utilize the computer for some nefarious purpose, at least not for long.
The first is set to time out in 15 minutes. Fine and dandy, reasonable enough. But it doesn’t indicate that it’s timed out until you try to use it. So a customer is on the line and I’m typing merrily away and hit enter and go to the time out screen. Which means I have to back out, copy what I typed, hit enter again, go to the sign on screen and log in. Drives me crazy! I appreciate the security concens, I applaud the time out feature, but for fuck’s sake, program it to dump to the timeout screen when it times out!
The other one I have no idea what the time out is set to; it seems to be more or less random as far as I can tell, although it obviously isn’t. What drives me insane about this one is that it times out right in the middle of typing! So I’m typing merrily along entering a customer’s credit card number or whatever and the screen times out. I have to interrupt the customer, log back in and make them repeat everything they just said. Again, agree with the concept, but if I’m actually using the database, don’t fucking time me out of the database!
Are there two separate timeout mechanisms in place? (One for x amount of time inactive, and another for y amount of time in general?)
I can understand having the first one (and agree with you on the introduction of a “timed out” screen), but the second one would make no sense to me at all.
As far as security features go, one of my credit card companies has me beat.
If you want to access your account online, you have to go through so many bells and whistles. Account name, password, verify your secret message and answer THREE security questions before they’ll let you in.
And then they send you a paper bill with the entire account number printed right on it.
My guess in the first case is that the timeout is being handled by the server and is tied to your DB connection rather than the front end program you are using, the upshot being that the program doesn’t know when a timeout is going to occur, only when it does occur.
The second case is possibly a variant of the first, the ‘randomness’ of the timeout is probably connected to the last time it had to talk to the server rather than the last time you interacted with the client.
I work with one that tells you it has timed out. It will pop up in front of anything you’re working on at the moment, as it thinks that telling you it has timed out is more important than anything else you could possibly be doing. Annoying as hell, but yours sounds worse.
What if you manually logged out and back in every 3rd caller (or however many calls you take in 15 minutes). It’d be a pain in the ass, but you wouldn’t have to retype data. My webmail client does the same thing, so I’ve gotten into the habit of copying my entire email before I send it, just in case.
Our departmental financial reporting system, which shows various summaries of the financial data (all of which is available to the public through Access to Information requests), automatically logs you out after ~20 minutes of inactivity. Our actual financial system, in which I can and have entered and approved multi-billion-dollar transactions, lets you stay logged in all day if you don’t log out manually. Go figure.
Hahaha! Three calls in 15 minutes! What a dream job that would be! I do try to remember on the first system, when I’m on a 15 minute break or 30 minute lunch to do a query (like searching for a partial debit card, which doesn’t work) to reset the timer. Can’t do that with the other one AFAIK because typing doesn’t stop the clock. Or sometimes I’ll get a series of calls using the second database and I lose track of the time and then a call comes in for the first databse and it’s timed out. So dumb.