We’ve had a number of support request on Smart Insights recently from users asking us why they have to keep logging back into the site, even after ticking the ‘remember me’ option on the login form.
At first I approached this as a potential bug, but after a little digging discovered that WordPress cookie timeout is only set to 14 days for auto-logins.
For a site like ours 14 days isn’t really enough, so I did a bit of digging to see if there was a way to easily change the length of time it takes before WordPress to force users to log back in again.
There is a plugin available that will do this for you, but it hasn’t been updated in over two years – configure-login-timeout. To be completely honest loading your site with plugins to accomplish relatively small configuration tweaks like this isn’t a great idea – it increases the chances of you having conflicts throughout the site and you’ll have yet another admin screen to remember for something that you’ll likely only ever use once.
The easy solution to extending WordPress cookie timeout
After a bit of research I found a simple solution, so I thought I’d share in case it’s any use to anyone else. All you have to do is add the following to your theme’s functions.php file;
function change_wp_cookie_logout( $expirein ) {
return 15552000; // 6 months in seconds
}
add_filter( 'auth_cookie_expiration', 'change_wp_cookie_logout' );
Should you want a different expiry time than six months, just work out how many seconds are in your desired duration, and change the value after return.
Hope that saves someone the effort of hunting for a simple solution to extend the WordPress cookie timeout for auto-login.
After that, when i’m trying log in, i have next error – “You are currently logged in as user. Log out?”
Hi Alex,
Try clearing your browser cache and cookies – it’ll more than likely fix the issue.
but if i’ve set timeout 1 hour, every time i should clear cookie… it’s not good idea as for me.
I suspect your problem may exist outside of the code I provided, Alex – this is the standard WordPress way of changing the cookie timeout, so on its own it wouldn’t cause the behaviour you’re experiencing.
I suspect that once you’ve cleared your browser cookie/cache of the old data that it will have had prior to you changing the timeout setting, the site will work fine from that point on – you won’t need to do this every time.
Hey Stu, thanks for this! Will this affect only the timeout for when “remember me” is checked? I’d like to set both via the functions.php file, but this is a bit beyond my geekery:P
Hi Ryan, apologies for the delay in responding. That’s right – this affects the timeout for the remember me option.