It would be good to enforce the timeout for users so that they automatically get logged out of Passwork after a period of inactivity. This can currently be set by the user on a per-user basis, but it'd be better if this could be globally enforced by the administrators for extra security.