• caglararli@hotmail.com
  • 05386281520

Can I set session time to 10 days without risking security issues?

Çağlar Arlı      -    21 Views

Can I set session time to 10 days without risking security issues?

We have a WordPress form that collects data on what marketing source (UTM) the user came from and upon submission, sends that UTM data to a 3rd party. Recently, a client asked me to have a web session to remember this session data for up to 10 days (default was 15 mins). I have a few questions. ...

  1. is there any security risk to doing this? The data itself is not sensitive. We don't have any user logins other than WordPress admins. But seems wrong to set it that long.

  2. wouldn't the session data be lost anyway when the user closed their browser? so is 10 days overkill?

  3. what am I missing here? is this normal in some cases?

I have googled this but getting responses that are not in line with what I am asking.