The users of my web application are complaining that the 20 min default timeout is too short and they don't want to have to keep logging in.
I have tried changing the timeout from the default 20 mins but whatever I set it to it seems to have a max of 1 hour.
At first I set the timeout in the web.config file
<sessionState timeout="240" />
But that didn't seem to make any difference.
Then I read somewhere that you have to change the timeout in the configuration in IIS. So I did that.
It still times out at about 1 hour!
So my question is:
what's the best way to get round my users having to log in all the time to preserve their sessions?
Find a way to extend the timeout (how?), or is there a better way to handle this?