[thelist] Logins and cookies

[Ken Kogler]

> You might also want to set an expiration on that cookie so
> that the user
> will have to login again periodically no matter what.

+1 on that... If you set the expiration to a year or something like
that,  you'll be swamped with users asking "what's my password again?"
when they clear their caches... Set the cookie to expire every other
week or so... Saves you a lot of headache.

-Ken