Big Sur - Enforce Auto Logout After 24 Hours of Inactivity

Information

Auto logout _MUST_ be configured to automatically terminate a user session and log out the after 86400 seconds (24 hours) of inactivity.

NOTE:The maximum that macOS can be configured for autologoff is 86400 seconds (24 hours).

[IMPORTANT]
====
The 24-hour automatic logout may cause disruptions to an organization's workflow and/or loss of data. Information System Security Officers (ISSOs) are advised to first fully weigh the potential risks posed to their organization before opting to disable the 24-hour automatic logout setting.
====

Solution

This is implemented by a Configuration Profile.

mobileconfig profile info:

.GlobalPreferences:
com.apple.autologout.AutoLogOutDelay:
86400

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-2(5), 800-53|AC-12, CCE|CCE-85424-0, CCI|CCI-002361

Plugin: Unix

Control ID: 9eb4185475fb2ee4c2ffb007c7d98203ac876cce854d3e7e14a356e91216a6d1