The Assette Client Portal provides secure access to client reports, insights, and other critical financial information. A key aspect of the portal’s functionality is session handling, which ensures a balance between security and usability. This article explains how user sessions are maintained, their duration, and what happens when a session expires.
Session Persistence and Duration #
Like any modern platform, the Assette Client Portal uses session-handling:
- The system uses persistent sessions for a duration of 15 minutes.
- During this 15-minute window, users can re-access the portal without needing to re-enter their credentials, even if:
- They close their browser tab or restart their browser.
- They reboot their machine.
- Users are not required to re-authenticate using their password or dual-factor authentication (2FA) during this period.
Session Expiry and Reauthentication #
Once the 15-minute session duration ends:
- Users will be automatically logged out of the portal.
- To regain access, they must log in again, including completing any required authentication steps (such as 2FA if enabled).
- If a user attempts to access the portal after the session expires, they will be redirected to the login page.
Security Considerations #
While persistent sessions enhance usability, security remains a priority:
- Automatic Logout: The system ensures that inactive sessions do not persist indefinitely, reducing unauthorized access risks.
- 2FA Enforcement: If enabled, users will be required to re-authenticate with dual-factor authentication after the session expires.
- Secure Token Handling: Sessions are managed securely to prevent session hijacking or unauthorized access.
Best Practices for Users #
To maintain security while using the Client Portal:
- Monitor session activity to ensure no unauthorized access to your account.
- Log out manually when finished, especially on shared or public devices.
- Enable two-factor authentication (2FA) for enhanced security.
- Avoid saving login credentials on shared or untrusted devices.