Timeouts ensures that users are informed about inactivity time limits that will cause data loss, particularly if those time limits are under 20 hours.
Who this impacts
- Everyone: Clear timeout expectations for user inactivity help everyone stay in control of their experience, preventing frustration from unexpected timeouts and data loss.
How to meet Timeouts
- Ensure users aren’t caught off guard: If your site requires timeouts shorter than 20 hours for any reason, make sure users know in advance, and consider providing options for handling the timeout.
Practical example
Meowcation dumps your vacation planning basket after 8 hours of inactivity. The site provides a clear warning about this timeout in its session policies, letting users know exactly how long they have before they’ll need to start over.
Exceptions
Security-critical applications (like banking or healthcare systems) may have shorter timeouts due to safety requirements. However, these shorter timeouts must be communicated clearly, and users must be aware of them before they happen.
Top tips
- Communicate timeouts clearly: Ensure users know how long their session can remain inactive before being logged out, especially when it’s less than 20 hours.
- Test for clear messaging: Verify that users are properly informed about timeouts, and that warnings and time limits are easy to understand.
- Provide consistent timeout policies: Apply clear, consistent timeout policies across your website or app, giving users confidence in how long they can remain inactive.