Application Security | Session Expiration

I noticed that once I’m logged in successfully to IP, it doesn’t sign me out (localhost and IP Demo Instance). Is there a way to correct this? I believe this would go a long way in protecting the application user from unauthorized access when computer system is left unattended to.

We increased the session expiration time because various users complained about the short time after they are automatically logged out.
If you want the session to expire when the window is closed or after 20 minutes you have to change the value of $config['sess_expiration'] in the file /application/config/config.php
The value is in seconds.


Thanks a lot this worked!