When users, who are signed-in to the Kentico administration interface, leave their workstations unattended, someone else can tamper with the system. For this reason, Kentico allows you to set up automatic screen locking. This feature locks the working area of the browser with the administration interface after a specified time of inactivity. The users can unlock the screen after typing their password.
When using Windows authentication, this feature does not work, as unlocking the screen would not require a password. The screen locking feature is useful only in a combination with the forms authentication or the mixed modeauthentication.
Invalid logon attempts
When users try to unlock their screens, every failed attempt to log in is counted as an invalid logon attempt (if you have enabled this functionality).
Enabling screen locking
To enable screen locking, navigate to Settings -> Security & Membership -> Protection -> Screen lock and select the Enable screen lock check box.
The Screen lock feature offers these additional settings:
- Lock interval - time interval (in minutes) that has to pass before the screen locks. This value has to be greater than zero and lower than the application’s session timeout (20 minutes by default).
- Warning interval - time interval (in seconds) for how long a screen lock warning, accompanied by a timer, will be displayed before the actual lock occurs and users have to type in their password.
When the warning is displayed, users can click Cancel to reset the lock interval. Note that to stop the countdown, users have to perform an action (e.g. a mouse click) in the UI. Moving the mouse is not enough.