MZMcBride <z <at> mzmcbride.com> writes:
What's the reason for having the cookie expire at
all (or expire in any
reasonable timeframe)? I'm not sure I see what security benefits any expiry
provides (much less a 30-day one) given the rampant use of password stores
in browsers.
Setting the cookie expiry to practically infinite would also solve bug 24892 [1].
[1]
https://bugzilla.wikimedia.org/show_bug.cgi?id=24892