Account Security

Session Settings Guide

Remaining logged in to any website for a long period of time increases your risk of a cyber attack. To help your organization stay safe, the KMSAT console has absolute session limits built-in. However, you can set additional session limits in your Account Settings.

Absolute Session Limits

All admin console and Learner Experience (LX) sessions are limited to 12 hours. If a user has been logged in for nearly 12 hours, a notification prompts them to log out before the session ends. If the user does not log out, the session will end and they will be asked to log in again to continue.

If an LX session is ending and a user clicks on the Start button of a training assignment, a pop-up notification will display. The user will be asked to log out and log back in before starting the training. 

Inactive admin console and LX sessions will timeout after eight hours. After eight hours of inactivity, the user will be logged out. When the user returns, they will be asked to log in again.

Inactive Session Timeout Options

You can shorten the inactive session limit of your users by following the steps below:

  1. Log in to your KMSAT console.
  2. In the top-right corner, click your email address and select Account Settings.
  3. Navigate to the User Settings subsection under User Management.
  4. There are two session drop-down menus:
    • The Admin Session Timeout drop-down menu limits the length of all inactive admin console sessions. Users will be logged out after they have been inactive for the amount of time selected from the drop-down menu. The default setting is eight hours.
    • The User Session Timeout drop-down menu limits the length of all inactive Learner Experience (LX) sessions. Users will be logged out after they have been inactive for the amount of time selected from the drop-down menu. The default setting is eight hours.
  5. Once you have set your session timeouts, save these options by clicking Save Changes at the bottom of the page.

Simultaneous Sessions

When an admin or user is logged in to the KMSAT console from multiple locations at the same time, it is known as a simultaneous session. Simultaneous sessions can put your platform at risk of being accessed by cybercriminals. For an added layer of security, we recommend using the features listed in the below subsections.

Log Out of Simultaneous Sessions

Admins and users can manually log out of all of their current sessions from their profile by following the steps below:

  1. In the top-right corner of your KMSAT console, click your name or email address.
  2. Select Profile.
  3. Click Log Out of All Sessions at the bottom of your profile. 
  4. Once clicked, you will immediately be logged out of the KMSAT console.
Note: Admins and users will automatically be logged out of all of their current sessions if their password is changed or multi-factor authentication (MFA) is enabled or disabled.

Limit Sessions to Specific IP Ranges

You can prevent admins and Security Role users from accessing the console from an IP address outside a specified range. Follow the steps below to enable this setting.

  1. Log in to your KMSAT console.
  2. In the top-right corner, click your email address and select Account Settings.
  3. Navigate to the User Settings subsection under User Management.
  4. Select the Only allow console sessions from specific IP ranges check box to enable this setting.
  5. Enter the IP ranges from which you would like to allow admins and Security Role users to access the console.
    Important: You must also enter your own public IP address in order for the setting to be saved.
  6. Click Save Changes at the bottom of the page.

Prevent Simultaneous Sessions

You can prevent admins and security role users from having simultaneous console sessions on multiple IP addresses. Follow the steps below to enable this setting.

  1. Log in to your KMSAT console.
  2. In the top-right corner, click your email address and select Account Settings.
  3. Navigate to the User Settings subsection under User Management.
  4. Select the Limit a user's console sessions to one IP address check box to enable this setting. 
  5. Save this setting by clicking Save Changes at the bottom of the page.

Can't find what you're looking for?

Contact Support