nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Oracle Communities

Oracle Analytics and AI

Child Item

Configuration to disable concurrent sessions for a single user

user9222367

Proposing a new configuration wherein there is an option to disable concurrent sessions for each user. Example is when a user is logged in, the same user cannot login in another tab or in another browser.

Purpose for this is if there are concurrent sessions from a user, it could make it harder to detect account compromise, as an illegitimate user could use a valid credential to authenticate and access the system at the same time as the legitimate user, raising the likelihood of continuous access to the application and its data.

Find more posts tagged with

Security

Needs Votes

Status: Needs Votes

Comments

Sushant Mishra

Agreeing on the security point, it’s valuable for sensitive data use cases. At the same time, many users access OAC from different devices, so maybe instead of disabling concurrent sessions entirely, we can have a role-based option or dashboard setting to prevent concurrent view for each user or role.