Do the session cookies expire? My cohort was still logged on after a couple of days, and also with his browser closing. He’d like to know if there is a policy about having to re-authenticate at least once every 24 hours? Apparently, it is good to have them “expire” for security reasons. If we ban someone, we know that for sure in 24 hours they will be logged out and their permissions reset. We know if somoene leaves a session open on a computer somewhere in public that it will log out in 24 hours so people can’t just post randomly.
Are there settings for this and what should I search for in settings to bring them up?
Thanks in advance,