Hello,

I want that the users of my site stay logged in when they close their browser. Now I found something about sessions in the admin panel and I enabled it. Default the session time is 15 minutes and it works. But after 15 minutes the session ends and users have to log in again. So I changed this to 99999.

Now my question: is it safe to change this 15 minutes to a very large number like 999999 ? So users stay logged in for a long time. Are there any risks when I do this?

grtz

someone?

Quote:

This is something you have to answer for yourself. Of course there are "risks" when the session timeout is very long. If you have many users there may be a lot of still living sessions. The longer the session lasts the higher the risk that some third person may use this session for evil purposes.

As said - you have to decide how much risk you want to allow.