Received from Mark Fletcher at 11/7/2018 08:35 PM UTC:
I did some tests with Facebook. They apparently expire their login cookie after 3 months. I would be fine extending our expiration to that as well. Anyone have an objection?
Strongly in favor of extending the expiration to 3 months, but...
...in addition to that, could you also offer the option of a cookie that never expires, effectively letting each of us decide how to manage our own security. Since Groups.io uses secure connections, the liklihood that anyone would try to steal my login data is remote.