Session timeout is an account-level security setting that any account admin can enable and is part of user session management. Enabling session timeout will automatically log any user out of your ActiveCampaign account if they are idle for a set period of time. While enabling this setting is not required, it is recommended. The session timeout helps ensure your account is secure and protected from unauthorized access.
In this article, you'll learn how to configure session timeout for your ActiveCampaign account.
Any user in the Admin group can enable session timeout and set the session timeout length
- You can set session timeout length from 15 minutes to 24 hours (in 15-minute or 1-hour increments)
- The trial account timeout length is 24 hours. This cannot be changed
- Session timeout is set at an account level. It cannot be set on an individual user basis
- A timeout warning will appear in a dialogue box 60 seconds before a user is automatically logged out
- This security setting is included on all plan tiers
How to enable session timeout
- Click "Settings" (gear icon).
- Click "Security."
- Click the "Session Timeout" toggle to set it to the "On" position.
- Click the dropdown(s) under "Session Timeout Length" to set the timeout limit. If a user is idle for this period of time, they will be logged out of the account.
Note that if you do not set a session timeout length, it will default to 24 hours.
Your settings will automatically save.
What is considered an idle account user?
An idle account user is an individual who has log-in access to your ActiveCampaign account and has not clicked, typed, or refreshed a page in their account within a set period of time.
What is a user session?
A user session is when an individual performs a series of actions in your ActiveCampaign account. These actions include creating and sending a campaign, configuring an automation, importing contacts, managing a pipeline, and more. A user session begins when the individual logs into the account and ends when they log out.
What is user session management?
User session management is a critical security consideration recommended for all ActiveCampaign account users. It lets account admins control various security settings with regard to user sessions. At this time, ActiveCampaign offers account admins the ability to set session timeout on an account level.
How does the timeout warning appear to users on my account?
Here is an image of how the timeout warning will appear to idle users on your account:
What are other account security settings available?
In addition to enabling session timeout, we highly recommend all customers enable multi-factor authentication, also known as MFA.
MFA enhances your business's security by requiring users to identify themselves using two identification methods. One is your username and password, and the other is a NEW six-digit verification code. Enabling MFA can help to prevent unauthorized access to your account further.
This setting is located on the Settings > Security page in your ActiveCampaign account.