Rather than extending the life of the cookie (which is currently set for 30 days), I made the changes to "refresh" the cookie as you visit the site. This was not quite as easy as it would sound since the cookie logic also has to respect the user's selection to not save his login/password. There are several different situations that must be taken into account:

• The user logged in and wants their password saved
• The user logged in and doesn't want their password saved
• The user auto logged in and (we assume) wants his password saved

Now the autologin cookie should only expire 30 days after your last visit.

Maybe I should change that to 3 days - to encourage everyone to visit more often... :D

Bruce Luckcuck
Director, Applications & Support Services
Wiley Publishing, Inc.