Oracle Analytics Cloud and Server Idea Lab

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

Configuration to disable concurrent sessions for a single user

Needs Votes
7
Views
1
Comments

Proposing a new configuration wherein there is an option to disable concurrent sessions for each user. Example is when a user is logged in, the same user cannot login in another tab or in another browser.

Purpose for this is if there are concurrent sessions from a user, it could make it harder to detect account compromise, as an illegitimate user could use a valid credential to authenticate and access the system at the same time as the legitimate user, raising the likelihood of continuous access to the application and its data.

Tagged:
1
1 votes

Needs Votes · Last Updated

Comments

  • Sushant Mishra
    Sushant Mishra Rank 5 - Community Champion

    Agreeing on the security point, it’s valuable for sensitive data use cases. At the same time, many users access OAC from different devices, so maybe instead of disabling concurrent sessions entirely, we can have a role-based option or dashboard setting to prevent concurrent view for each user or role.