Welcome Login

For current information from GSA about COVID19 please click HERE

You are here

Helpful Hints: Session Timeouts on beta.SAM.gov

Session timeouts protect your beta.SAM.gov account from unauthorized access.

What are session timeouts?

A session timeout is a security feature that automatically logs a user off when there is no activity after a certain amount of time. Sessions are created when a user logs in with a username and password. Timeouts occur when the sessions go idle for a period of time, meaning when the system does not receive any action from the mouse or keyboard. Timeouts may occur if you step away from your computer or leave a session window in an idle state. Timeouts ensure that sessions close when they are no longer in use, preventing unauthorized access and reducing exposure to data breaches.


Session Timeouts beta.SAM.gov

GSA Security Policy requires inactive user sessions to time out. In beta.SAM.gov, timeout occurs after 15 minutes of inactivity. In line with industry standards, beta.SAM.gov presents a pop-up window at 13 minutes of inactivity. This pop-up will stay on screen for 2 minutes and count down to allow you to select “Continue” to continue the session, or “Logout” to close the session. If you do not respond to the prompt in time, you will be automatically signed out. This is done to protect your account and the integrity of the system.


Why the extra precaution for public data?

You may be wondering why the timeouts are necessary, since much of the data in beta.SAM.gov is a matter of public record. Consider, though, that some users have access to view sensitive data. If a user with those permissions is logged in and leaves their computer unattended, a malicious actor could take advantage of the situation to find or change important information. Session timeouts provide an extra layer of security to protect your profile from being compromised. Since, we can’t know when or where this might happen, the precaution must be applied to every user account. 


See what the User Session Timeout prompt looks like in the image following.


The image shows how to sign in to beta.SAM.gov, shows the user session timeout that appears after 13 minutes of inactivity, and shows to click continue within 2 minutes to stay logged in.

So to recap, session timeouts reduce risk by helping to maintain a more secure environment and preserve the integrity of the system. Remember to always close sessions when you are done working. We hope this post helped you gain a greater understanding of how session timeouts protect your beta.SAM.gov account from unauthorized access. 


Access the beta.SAM.gov Learning Center any time for step-by-step videos and instructions. Remember, if you need further assistance using beta.SAM.gov, the Federal Service Desk is here to help Monday through Friday, 8 a.m. to 8 p.m. ET at FSD.gov


For more information, please see NIST Special Publication 800-63B: Digital Identity Guidelines


Views: 193

The IAE environment is designed to transition multiple, stove-piped applications into an integrated workforce tool set for awards management across... More

To stay informed on the group's latest updates, subscribe here.