ASVS Requirement 7.3.2

• Level: 2
• Chapter: V7 Session Management
• Section: V7.3 Session Timeout
• Source: 0x16-V7-Session-Management.md

Description

Verify that there is an absolute maximum session lifetime such that re-authentication is enforced according to risk analysis and documented security decisions.