Yeah, if you have thousands of locked tasks at any given time then the overhead there might be too steep.
An alternative would be to check if the task is unlockable at the point where another user wants to open it. Then you can check if the previous user is still logged in, if they are then check the
lastActionAt and if it's past the timeout then unlock. And, if the user is not logged in, then unlock. More of a just-in-time solution that eliminates polling overhead.
The con here is if you're displaying lock status to users then they won't know if it's unlockable until they try. But then a 'Sorry, this task is locked by Y user' kind of message would suffice. It'd be horrible UI design lol, but better than nothing, perhaps?
Otherwise, you're pretty well stuck with polling unless someone else has better ideas