How secure your Azure Management Portal?. By default, the inactivity timeout of the Azure Management portal is set to ‘Never’. From a security perspective, this is far from ideal. This small setting can be easily overlooked. It’s a good idea to configure this for your tenant.
Administrators can set this value themselves. Global administrators are able to set this value globally. When configuring this setting, your administrators will be logged out when they are inactive for a period of time. You can change this setting from the Settings pane in the Azure portal.
- Set the time-out on directory level
- This is the time-out setting per user
How to setup
- To set the time-out on directory level, click on Settings (the gear) in the Azure Portal or go to it here directly: https://aad.portal.azure.com/#settings. Go to Signing out + notifications and set the time you want.
- Set Enable directory level idle timeout from the Settings pane in the Azure portal. Here you can set the value, for example, 30 minutes:
New sessions will now honor the new default time-out. Administrators can override this setting, but only with a value less than the directory default as you can see here:
Click Apply to save.
Learn more about the settings here