How to Extend the Auto Logout Period in WordPress

How to Extend the Auto Logout Period in WordPress

The default WordPress behavior for logging a user out is to make a login session cookie that expires in 48 hours or when the browser is closed. If the “Remember Me” box is checked, WordPress will give you 14 days before forcing you to authenticate again.

But what if you don’t want to be bothered to remember your passwords or take the time to look them up?

When working with multiple WordPress sites, keeping track of all of your highly complex/tricky admin passwords and remembering them on command every two weeks can become a challenge.

Here’s a useful bit of code for increasing the time that cookies are kept, so that users can remain logged in longer.

This was originally posted by Alex (Viper007Bond) on the WordPress StackExchange in response to a user’s question.

Stop WordPress from logging you out

Add this to your theme’s functions.php file:

function keep_me_logged_in_for_1_year( $expirein ) {
return 31556926; // 1 year in seconds
add_filter( 'auth_cookie_expiration', 'keep_me_logged_in_for_1_year' );

Change it to whatever time frame you like.

You can, in essence, stop WordPress from ever logging you out by changing the number of seconds to be a much higher number.

I don’t feel comfortable editing files. Is there a plugin for this?

Yes, there’s one for nearly anything. If you prefer the ease of a plugin, you can try WordPress Persistent Login.

It gives you an admin panel for configuring the values of the normal authentication timeout as well as the “Remember Me” authentication timeout.

Even better, you can just install Defender (our free security plugin), run a scan, and let Defender’s Manage Login Duration feature handle this for you as part of the plugin’s security recommendations.

Manage Login Duration - Defender
Let Defender manage your login duration automagically.

Note: Defender automatically recommends a shorter default login duration time for security reasons. However, you can easily extend this auto-logout period manually by entering a longer value in the Login duration field and clicking the Update Duration button to save your settings.

Defender - Manage Login Duration
You can easily extend your login duration manually in Defender’s Security Recommendations section.

The most useful situation for extending the auto-logout period would be for local development installations, where you don’t want to have to log in all the time.

You might also find it helpful for WordPress sites that you manage alone without any other users. Set the time to do whatever you feel comfortable with.

After all, it is YOUR WordPress site!

Know any other plugins or code options that may help with this problem? Let us know if we've missed something below!
Sarah Gooding
Sarah Gooding Sarah enjoys staying on top of the latest WordPress and BuddyPress news. Get in touch with Sarah on Twitter @pollyplummer.