From b609977fb14b1f6da23d14a3537b24a1621a7a56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Kooman?= Date: Mon, 26 Jul 2021 16:45:30 +0200 Subject: [PATCH] additional comments --- SESSION_EXPIRY.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/SESSION_EXPIRY.md b/SESSION_EXPIRY.md index 341267a..bbe9e27 100644 --- a/SESSION_EXPIRY.md +++ b/SESSION_EXPIRY.md @@ -27,6 +27,15 @@ users that are no longer eligible to use the VPN from the portal. It is a bit of a judgment call. We know of organizations that set it to 12 hours, and also organizations that set it to 3 years. +**NOTE**: if you choose to for example 1 day, this will mean that if a user +authenticates at 09:30, the next day at 09:30 their session will expire, +meaning the may have to authorize/authenticate during a video call. Not great. + +**NOTE**: in a future server (or client) version we aim to implement a +mechanism that either expires the VPN session at night, or update the client +to warn the session is about to expire during working hours and offer to renew +it. + ## Changing Session Expiry You can change the session expiry by modifying -- 2.45.2