I would like a similar experience in the browser that we have with the mobile app. Set an expiration where the user can still unlock quickly with PIN.
A trusted computer browser stores the main logon cookie with no expiration. But this cookie only has an encrypted blog that cannot access the mailbox alone. The 2nd cookie set to expire in X minutes/hours must be combined with a user supplied PIN, and that will decrypt the non-expiring main cookie, which logs the user back into the mailbox.
I would like a similar experience in the browser that we have with the mobile app. Set an expiration where the user can still unlock quickly with PIN.
A trusted computer browser stores the main logon cookie with no expiration. But this cookie only has an encrypted blog that cannot access the mailbox alone. The 2nd cookie set to expire in X minutes/hours must be combined with a user supplied PIN, and that will decrypt the non-expiring main cookie, which logs the user back into the mailbox.