We feel that a time-out is necessary to protect the privacy, for instance, of the closed groups for users who are using shared PCs.
We have set the time-out to 12 hours, so it should only be necessary to log-on once each day.
We will then work on ensuring that cookies work, so that the “remember me” tickbox on the homepage works correctly for perhaps 60 days at a time. That at least ensures that a user has taken a deliberate decision to remain logged in.
Fair point about the “Save” button – anyone else got a preferred wording for it?