Comment Auto Lock Your Computer/web app/insert resource (Score 1) 336
This problem is a non-issue and has been for years. Every Windows, Mac and Linux desktop I have had the pleasure of administering over the last 10 years had an automatic computer lock after x minutes of non-use. It is easy to set up for both enterprise and home users. The idea that this password is "set by the end user and less secure" is just plain silly as it *should* just use the credentials of the logged in user. If this is in the enterprise, it will follow whatever the password policy is corporate wide. If this is an end user, they need to make a secure password, which is their responsibility if they care about safe computing.
For web resources, require re-authentication (the idea that re-authorization plays any part in this scenario is making it needlessly more complicated) after x amount of time. All web frameworks have a built in time out for this reason. You actually have to go out of your way to write something that doesn't automatically time out after a period of time.
To put this bluntly, if you're having a problem with this sort of issue.....you're doing it wrong.
For web resources, require re-authentication (the idea that re-authorization plays any part in this scenario is making it needlessly more complicated) after x amount of time. All web frameworks have a built in time out for this reason. You actually have to go out of your way to write something that doesn't automatically time out after a period of time.
To put this bluntly, if you're having a problem with this sort of issue.....you're doing it wrong.