How to Extend the Auto Logout Period in WordPress
The default WordPress behavior for logging a user out is to make a login session cookie that expires in 48 hours or when the browser is closed. If the “Remember Me” box is checked, WordPress will give you 14 days before forcing you to authenticate again.
But what if you don’t want to be bothered to remember your passwords or take the time to look them up?
When working with multiple WordPress sites, keeping track of all of your highly complex/tricky admin passwords and remembering them on command every two weeks can become a challenge.
Here’s a useful bit of code for increasing the time that cookies are kept, so that users can remain logged in longer.
- Stop WordPress from logging you out
- I don’t feel comfortable editing files. Is there a plugin for this?
This was originally posted by Alex (Viper007Bond) on the WordPress StackExchange in response to a user’s question.
Stop WordPress from logging you out
Add this to your theme’s functions.php file:
function keep_me_logged_in_for_1_year( $expirein ) {
return 31556926; // 1 year in seconds
}
add_filter( 'auth_cookie_expiration', 'keep_me_logged_in_for_1_year' );
Change it to whatever time frame you like.
You can, in essence, stop WordPress from ever logging you out by changing the number of seconds to be a much higher number.
I don’t feel comfortable editing files. Is there a plugin for this?
Yes, there’s one for nearly anything. If you prefer the ease of a plugin, you can try WordPress Persistent Login.
It gives you an admin panel for configuring the values of the normal authentication timeout as well as the “Remember Me” authentication timeout.
Even better, you can just install Defender (our free security plugin), run a scan, and let Defender’s Manage Login Duration feature handle this for you as part of the plugin’s security recommendations.
FREE EBOOK
Your step-by-step roadmap to a profitable web dev business. From landing more clients to scaling like crazy.
FREE EBOOK
Plan, build, and launch your next WP site without a hitch. Our checklist makes the process easy and repeatable.
Note: Defender automatically recommends a shorter default login duration time for security reasons. However, you can easily extend this auto-logout period manually by entering a longer value in the Login duration field and clicking the Update Duration button to save your settings.
The most useful situation for extending the auto-logout period would be for local development installations, where you don’t want to have to log in all the time.
You might also find it helpful for WordPress sites that you manage alone without any other users. Set the time to do whatever you feel comfortable with.
After all, it is YOUR WordPress site!
Sarah Gooding Sarah is a designer and developer who specializes in WordPress. She and her husband operate Untame, where they build business websites, online stores, and social networks using open-source technologies. She is a former author for WPMU DEV on all things WordPress, Multisite, and BuddyPress.