When users log into WordPress a cookie is saved in the browser to remember the login. This allows users to log in once and continue using the website without having to login for every single page accessed.
This is controlled by the wp_set_auth_cookie function in pluggable.php
The default time WordPress will remember a logged in user is:
- 2 days or the browser is closed
- 14 days – if “remember me” is ticked when logging in.
The times can be customised using:
- pluggable function: wp_set_auth_cookie function
- filter: auth_cookie_expiration
- action: set_auth_cookie
- action: set_logged_in_cookie