By default, G Suite web sessions are automatically signed out of after two weeks. But to better tailor to each company, Google is now allowing G Suite admins to specify a more precise session length from a dropdown list. Additionally, admins can also now force two-factor authentication prompts to pop up on every sign-in for better security.
Admins can now select durations from as little as one hour all the way to infinite (no automatic sign-outs). This only applies to desktop and some mobile browser sessions, not native mobile apps like Gmail on Android and iOS. Additionally, Google must be responsible for the login.
Another option being added is two-factor authentication prompts on every login. Right now, there's an option to 'Remember this computer,' but G Suite admins will be able to disable this if they'd like to sacrifice some convenience for more security. This only applies to those users who do use 2FA, and the 'Remember this computer' option will still be available by default.
Only G Suite Business, Enterprise, and Education customers will get the session duration controls, but the 2FA controls are available to all G Suite admins. If you don't yet have the feature on your console, be patient; the rollout could take up to 15 days.
- G Suite Blog