'Why is the standard session lifetime 24 minutes (1440 seconds)?
I've been doing some research on PHP Session Handling and came across the session.gc_maxlifetime value of 1440 seconds.
I've been wondering why the standard value is 1440 and how it is calculated?
What is the basis for this calculation?
How long does it make sense to keep sessions? What min/max values for session.gc_maxlifetime would you recommend? The higher the value, the more vulnerable the Web-App is for Session Hijacking, I'd say.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|