Skip to main content

Login session time in Bob.

  • April 5, 2023
  • 11 replies
  • 186 views

Currently, the web-app session will expire after 6 hours, and the mobile app session will expire only when a user logs out. It's not customizable at the moment.

 

11 replies

  • July 19, 2023

Update :) 

Although the desktop/web session in Bob expires every 6 hours, the Bob mobile app has 2 options.

The Bob mobile app behaves similar to most mobile apps, in that it remains running in the background with continuous access. But, if you enable face/fingerprint recognition on the app - then the session will periodically expire every few hours - and you will be logged out of the app. To log in again, biometric re-authentication (face/fingerprint ID) must be validated successfully. For more information see, Use face/fingerprint ID on mobile and Data security on mobile.


Do we know if there is any plan to add an update to the system whereby users can amend the sign out length?

Thanks 


  • August 29, 2023

Hi Alexis, 
Thank you for the question! We have passed on your request to the Bob R&D teams and will update this thread with any changes.


As the system contains very sensitive data and some company / countries have stricter regulations, I would see as a must to be able to customize it. Otherwise, the system is not compliant with data protection best practices. 


And by the way, what is the update on this, the request to the Bob R&D team was posted 10 months ago

 


Jessica Lane
Bobber

Hi @Elena Milusheva 👋🏻

 

We have an open FR calling for the ability to amend the sign in session time, this is still under review currently.

I have added you to the FR. 😊

 

 


Hello @Jessica Lane and @Nirel Matsil. I am also very interested in this addition. As my organization looks to start using Bob for more sensitive information, we would like the ability to customize sign-out duration, to require users to re-login after 30 minutes of inactivity.

It would also be great to have the option to require mobile users in our company to enable either biometric or two-factor authentication on their mobile devices.

Thank you!

-Noah


  • September 19, 2024

@Noah Ismael You got it!


  • January 14, 2025

I would also like to register our interest in this feature request. Frankly I am really surprised at the lack of login security on an application which by the nature of it contains personal employee data. Bob really should have options to customise automatic sign out duration AND should have 2FA / MFA as an option on ALL interfaces (desktop as well as mobile apps) since some users will share workstations. We would request the development team address these requests as an urgent priority since the application is not compliant with many data protection regimes. Our major public sector customer requires us to sign up to a cyber validation program to qualify for tenders, and that requires ALL cloud based applications to be MFA / 2FA compliant. 

Thanks,

Chris


I would also like to register our interest in this feature request. My company will be handling a lot of sensitive information in Bob, so being able to customize the duration before required sign-out would be ideal.


  • January 24, 2025

@Irene Polk ​@Chris We've got you covered!