diff --git a/.gitignore b/.gitignore index 7af4b94..e471e4b 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,6 @@ # dependencies /node_modules -/package-lock.json /.pnp .pnp.js .yarn/install-state.gz @@ -30,6 +29,9 @@ yarn-error.log* # local env files .env*.local +#dependency +package-lock.json + # vercel .vercel diff --git a/TODO.md b/TODO.md index 1f600ad..830d877 100644 --- a/TODO.md +++ b/TODO.md @@ -1 +1,21 @@ # Todo + +### Security +- Back and front click on browser ( <- ->) logout. +- Cross from browser logout +- Taking Url and try to login -Logout + +### Feature +- Password Expiry Logic + - login -> check password Expiry -> Change password -> login screen +- Logout popup : + - Are you sure want to logout? +- Home page password Expiry message +- Set userId and login with userID +- Limit of transaction daily +- Statement Download +- In Every OTP page "Resend button" & 5 min timing of expiry. +- OTP binding with actual mobile number. +- IN settings page NOTE position Fixing. + + diff --git a/instruction.md b/instruction.md new file mode 100644 index 0000000..96ac0e8 --- /dev/null +++ b/instruction.md 
@@ -0,0 +1,86 @@
+# AWS CLI, Session Manager & Database Access Guide
+
+## 1. Setup
+- Download **AWS CLI**
+- Download **AWS Session Manager Plugin**
+- Generate **Key for KCCB**
+
+---
+
+## Machine
+```bash
+
+UAT (IB- frontend) : i-0b55435e15425f1c3
+Linux : i-0c850dcf8b85b1447
+```
+
+## 2. Port Forwarding
+
+### API (localhost → EC2:8080)
+```bash
+aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8080"],"localPortNumber"=["8080"]
+```
+### PostgreSQL (localhost:5431 → EC2:5432)
+```bash
+aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["5432"],"localPortNumber"=["5431"]
+```
+### CBS (localhost → EC2:8686)
+
+```bash
+aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8686"],"localPortNumber"=["8686"]
+```
+
+## Database Access
+
+```bash
+aws ssm start-session --target i-0c850dcf8b85b1447 --profile kccb
+```
+## 4.PostgreSQL Commands
+
+```bash
+# Connect as postgres
+psql -U postgres
+
+# List all databases
+\l
+
+# Connect to kmobile
+psql -U admin -d kmobile
+
+# Password: kmobile
+
+# Query data
+SELECT * FROM users;
+
+# Expanded display
+\x
+
+# See all tables
+\d
+
+# Table details
+\d users;
+
+# Switch database with specific user
+\c kmobile_banking kmobile_app_rw
+
+# Grant permissions
+grant select, insert, update, delete on table admin to kmobile_app_rw;
+```
+## 4. Linux Machine Access
+
+```bash
+# Run the .bat file first
+ssh username@localhost
+# Enter your password
+```
+## Copy File from Local → Linux
+
+```bash
+scp -P 9022 Smsservice/smsserviceapplication.jar @localhost:/home/
+
+# ssh nabanita@localhost -p 9022
+```
+
+
+
diff --git a/instruction.txt b/instruction.txt
deleted file mode 100644
index 6827acb..0000000
--- a/instruction.txt
+++ /dev/null
@@ -1,36 +0,0 @@ -- download Aws cli and Aws session manager -- Key generate for KCCB -- port forwarding : - - aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8080"],"localPortNumber"=["8080"] - -- run the api in localhost then port forward to Postgres - aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["5432"],"localPortNumber"=["5431"] - -- For CBS port forward - aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8686"],"localPortNumber"=["8686"] -______________________________________________________________________ - -For database: - - aws ssm start-session --target i-0c850dcf8b85b1447 --profile kccb - - psql -U postgres - - \l - - psql -U admin -d kmobile - - password : kmobile - - SELECT * FROM users; - - \x - - \d -- all tables details - - \d users; -- see the data type of column - - \c kmobile_banking kmobile_app_rw -- alter the user - - grant select,insert,update,delete on table admin to kmobile_app_rw; -- give read write access to a table - - ______________________________________________________________________ - - How to connect through linux machine? - - run the bat file. - - shh username@localhost - - give your password - -Copy local machine to linux machine : -- scp -P 9022 Smsservice/smsserviceapplication.jar @localhost:/home/ -- ssh nabanita@localhost -p 9022 \ No newline at end of file diff --git a/src/app/(main)/home/page.tsx b/src/app/(main)/home/page.tsx index 06072d8..79a8161 100644 --- a/src/app/(main)/home/page.tsx +++ b/src/app/(main)/home/page.tsx 
@@ -27,6 +27,29 @@ export default function Home() { const selectedLNData = loanAccounts.find(acc => acc.stAccountNo === selectedLN); const [showBalance, setShowBalance] = useState(false); + // If back and forward button is clicked + useEffect(() => { + window.history.pushState(null, "", window.location.href); + const handlePopState = () => { + localStorage.removeItem("access_token"); + sessionStorage.removeItem("access_token"); + localStorage.removeItem("remitter_name"); + router.push("/login"); + }; + const handleBeforeUnload = () => { + // logout on tab close / refresh + localStorage.removeItem("access_token"); + sessionStorage.removeItem("access_token"); + localStorage.removeItem("remitter_name"); + }; + window.addEventListener("popstate", handlePopState); + window.addEventListener("beforeunload", handleBeforeUnload); + return () => { + window.removeEventListener("popstate", handlePopState); + window.addEventListener("beforeunload", handleBeforeUnload); + }; + }, []); + async function handleFetchUserDetails() { try { const token = localStorage.getItem("access_token"); diff --git a/src/app/(main)/layout.tsx b/src/app/(main)/layout.tsx index 423bfb9..20cd861 100644 --- a/src/app/(main)/layout.tsx +++ b/src/app/(main)/layout.tsx @@ -16,10 +16,16 @@ export default function RootLayout({ children }: { children: React.ReactNode }) const [userLastLoginDetails, setUserLastLoginDetails] = useState(null); const [custname, setCustname] = useState(null); + function doLogout() { + localStorage.removeItem("access_token"); + sessionStorage.removeItem("access_token"); + localStorage.removeItem("remitter_name"); + router.push("/login"); + } + async function handleLogout(e: React.FormEvent) { e.preventDefault(); - localStorage.removeItem("access_token"); - localStorage.removeItem("remitter_name"); + doLogout() router.push("/login"); } 
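Review bot: The cleanup returned by the new `useEffect` in `Home` calls `window.addEventListener("beforeunload", handleBeforeUnload)` where it should remove the listener, so the handler is never detached and stays registered after the component unmounts. Change that line to `window.removeEventListener("beforeunload", handleBeforeUnload);`. The same line appears in the cleanup of the effect added to `src/app/(main)/layout.tsx` later in this commit and needs the same fix. The empty dependency array also omits `router`, which `handlePopState` uses; that is probably harmless here but will be flagged if the project enables `react-hooks/exhaustive-deps`. The body of `Home` continues outside the hunk.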
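Review bot: `handleLogout` in `layout.tsx` now navigates twice, because `doLogout()` already ends with `router.push("/login")` and the unchanged `router.push("/login")` after the call runs again. Drop the second call and terminate the statement: `doLogout();`. Separately, `doLogout` only deletes the token from browser storage; if the backend exposes a logout or token-revocation endpoint (not visible in this hunk), calling it here would stop a token that was copied before logout from remaining usable until it expires. A short comment on `doLogout` such as `// Clears client-side session state only, then returns to the login screen.` would make that scope explicit.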
@@ -65,6 +71,25 @@ export default function RootLayout({ children }: { children: React.ReactNode }) }); } } + useEffect(() => { + // Push fake history state to trap navigation + window.history.pushState(null, "", window.location.href); + const handlePopState = () => { + doLogout(); // logout when back/forward pressed + }; + const handleBeforeUnload = (e: BeforeUnloadEvent) => { + // logout on tab close / refresh + localStorage.removeItem("access_token"); + sessionStorage.removeItem("access_token"); + localStorage.removeItem("remitter_name"); + }; + window.addEventListener("popstate", handlePopState); + window.addEventListener("beforeunload", handleBeforeUnload); + return () => { + window.removeEventListener("popstate", handlePopState); + window.addEventListener("beforeunload", handleBeforeUnload); + }; + }, []); useEffect(() => { const token = localStorage.getItem("access_token"); diff --git a/src/app/ForgetPassword/page.tsx b/src/app/ForgetPassword/page.tsx index 4a4e132..33e4188 100644 --- a/src/app/ForgetPassword/page.tsx +++ b/src/app/ForgetPassword/page.tsx @@ -25,6 +25,8 @@ export default function ForgetLoginPwd() { async function handleLogout(e: React.FormEvent) { e.preventDefault(); localStorage.removeItem("access_token"); + sessionStorage.removeItem("access_token") + localStorage.removeItem("remitter_name"); router.push("/login") } @@ -215,7 +217,7 @@ export default function ForgetLoginPwd() { onChange={(e) => setCaptchaInput(e.currentTarget.value)} required /> - {captchaError &&
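Review bot: The effect added to `RootLayout` duplicates the one added to `src/app/(main)/home/page.tsx` in the same commit; since that page sits under the `(main)` route group it is presumably rendered inside this layout, so both effects run, each pushing an extra history entry and registering its own `popstate` and `beforeunload` handlers. Keeping only the layout's effect and deleting the page-level copy would avoid the double registration. `beforeunload` is also not a dependable logout trigger, since browsers can skip it when a mobile tab is discarded or the process is killed, so the `access_token` kept in `localStorage` should be bounded by a server-side expiry rather than by this handler alone. The `e: BeforeUnloadEvent` parameter is unused and can be removed.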
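Review bot: The three `removeItem` calls in `ForgetLoginPwd`'s `handleLogout` are now one more hand-written copy of the same key list that also appears in `doLogout` and in the `popstate`/`beforeunload` handlers of `layout.tsx` and `home/page.tsx`, and this hunk exists only because this copy had fallen behind the others. Moving the list into one shared helper (for example an exported `clearSession()` function) would keep a future storage key from being missed on one logout path. The added `sessionStorage.removeItem("access_token")` line also lacks the trailing semicolon used on the lines around it.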

{captchaError}

} + {captchaError &&

{captchaError}

}