Minimize absolute session timeout duration

Release version: Australia

Updated March 12, 2026

1 minute to read

Use the glide.ui.user_cookie.max_life_span_in_days property to set a maximum life span for user cookies created when users log in with the Remember Me checkbox selected. When the cookie expires, users who have selected the Remember Me checkbox are forced to reauthenticate into the instance.

If the glide.ui.user_cookie.max_life_span_in_days system property is not set to the recommended value of 30 or other appropriate value, then a very long life session could be more vulnerable to session hijack attacks.

Ensure that the property glide.ui.user_cookie.max_life_span_in_days is set to 30 or less.

Note:

To enforce a maximum session time for any active user sessions, see Managing user sessions.

More information


Attribute	Description
Configuration name	glide.ui.user_cookie.max_life_span_in_days
Configuration type	System Properties (/sys_properties_list.do)
Data type	Integer
Recommended value	30 or less
Default value	<none>
Fallback value	30
Category	Session management
Security risk	Severity score: 4.2 CVSS rating: Medium Security risk details: A long session lifespan extends the window of opportunity for attackers to hijack active sessions, increasing the likelihood of unauthorized access if credentials or session tokens are compromised.
Functional impact	This property enforces mandatory re-login by avoiding any sort of cookie rotation after a given time frame.
Dependencies and prerequisites	None