Cookie expiration length

I am wondering if the length of the login cookie for this site can have a set expiration time, I have looked at the developer portal and seen 3 cookies, 2 have session and one has expiration date of a month after login. I don’t know which is the login cookie.

I only realised this because I signed in to this sight last night, using my Github login and when I came back this morning I was still signed in. I thought this was strange because when I do this with Github I get logged out in the morning if I refresh the page.

I am not quite sure how much this relates to security, I guess most people close the browser after they have visited the site so the session cookies would be cleared but not the month one, is this correct? I don’t know if this is the case for other login methods or if it would add any benefit to limit the login cookie to a set amount of hours.

Probably the one with an expiration date of 1 month. This is likely a security feature of the site to try and prevent unauthorised access.

Yep, that’s correct

Each website would need to set the cookie to expire

It would make the website more secure, but less convenient for the user.

Just saying, I have my Firefox set up to dump cookies after I close my browser except for the ones I have exceptions for, and this Techlore forum is one of the sites I have as an exception. My preference would be to keep cookies as they are but leave it to the users to handle the cookie the way they want.