Ever since the 4.x releases of DotNetNuke theres been a long standing issue with the behaviour of temporary and persistent cookies where there wasn't a way to set short periods of temporary cookie expiration and to specify longer periods for user who don't want to regularly log in. This was caused by a change in the way asp.net 2.0 handles the different types of authentication cookies (for the full background on this see http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryID/1704/Default.aspx) .

After a few attempts, and with a helpful hint from Don Worthley, we finally got code in the 4.8.1 release that addresses this problem, and recently updated the dotnetnuke.com configuration to take advantage of this. At the minute if you log into dotnetnuke.com, but don't check the "remember me" checkbox a temporary cookie is created with a timeout of 2 hours. If you check the "remember me" checkbox, a persistant cookie is created with a timeout of 2 weeks. To work around this limitation of asp.net 2.0, we added a new web.config key, PersistentCookie, that get's read during login and some custom code then updates the cookie values approriately if "remember me" has been selected. This allows site owners to select values that allow for security for temporary users and convenience for those who want persistent cookies..

If you want to make similar changes to your own site, edit your web.config and update the following nodes to whatever value you require (the approriate fields are identied in bold below - all values are in minutes i.e. 60 minutes*24 hours*14 days=20160).

<forms name=".DOTNETNUKE" protection="All" timeout="120" cookieless="UseCookies" />

<add key="PersistentCookieTimeout" value="20160" />