I have some webforms and the main page grabs the users email address when they login and a UserID. It's not uncommon for the user to keep the web page open all day. Is it good practice to store the email address and ID as a session variable and up the timeout to say 10 hours? Or is there a better way? My concern is A) Session variables timing out before the user login timesout B) Doing this incorrectly.
View Complete Post