Users on my website get access to protected areas. When the user logs in, I create a session variable which declares that the user is logged in. Then, all protected pages control that session variable. <BR><BR>This method works quite well, however, session variables are sometimes dropped for some reasons...resulting in the user being logged off. I read that this is caused by pages being refreshed, but I sometimes experienced to see those variables lost without having refreshed any page.<BR><BR>Is there some way to prevent those variables from being lost?<BR>or can you suggest a better way of keeping track of a logged user?