I&#039;m not talking about leaving a session forever ... when a browser is closed or the user logs off I&#039;d like o kill the session ... but I&#039;m disliking the whole forced-relogin when a session expires after a little inactivity.<BR><BR>I was hoping that .net provided more robust tools in this regard. If I track the session in the URL, does it still expire after a time-out period?<BR><BR>Aside from increasing session timeout time, is there any other way to make this a little more robust, or shall I go back to my usual methods of tracking users (which then also seems to mean that I can&#039;t use forms authentication).<BR><BR>A little clarity on this object would be wonderful.