Session setting and its effect on users
A session is the period of time during which a user interfaces with Salesforce. The user session begins when the user accesses the Salesforce organization and ends when the user logs out of it. You can set Session Settings in Salesforce according to the organization security you want. For example, the system administrator of Appiuss, Sagar Pareek, wants to expire the session of every inactive user after 30 minutes, to ensure security.
In order to achieve this, follow these steps:
Navigate to Setup | Administer | Security Controls | Session Settings:
It will redirect you to customize the Session Security Settings page.
In Timeout value, set the value to 30 minutes. You can also select various session settings, listed as follows, depending on what happens when the session expires:
Lock sessions to the IP address from which they originated
Require secure connections (HTTPS)
Force relogin after Login-As-User
Require HttpOnly attribute
You can also enable...