Persistent Login module provides secure "Remember Me" functionality

I released the Persistent Login module version 1.1 for Drupal 4.7 and 5 today. The module provides the common "Remember Me" checkbox on the Drupal login block and page. Using Persistent Login is a substantially more secure method of allowing users to remain logged in across browser sessions than is having a long-life PHPSESSID cookie.

As is documented in the README.txt, after installing Persistent Login, for maximum security edit your settings.php file so PHP session cookies have a lifetime of the browser session:

    ini_set('session.cookie_lifetime',  0);

Also visit admin >> settings >> persistent_login to set how long persistent sessions should last and which pages users cannot access without a password-based login (by default, users must provide a password to visit any profile editing page, an E-Commerce module shopping cart, or the Persistent Login administrator settings).

For details on how Persistent Login works, read Improved Persistent Login Cookie Best Practice.

If you have an opinion about whether,, and other official Drupal sites should use Persistent Login, please vote on it.