It seems currently the session never times out, and unless user logs out manually, they remain open forever.
It is convenient to keep it logged in for several hours (maybe 3 hours), but then it would be nice to have the session expire
for incidental forgetting on log off on other people's or more public computers.
It seems currently the session never times out, and unless user logs out manually, they remain open forever. It is convenient to keep it logged in for several hours (maybe 3 hours), but then it would be nice to have the session expire for incidental forgetting on log off on other people's or more public computers.