expiry « Session « JSP-Servlet Q&A

1. Redircting automatically upon session expiry    stackoverflow.com

How to redirect a page upon session expiry(automatically) with out any user action on the page.?

2. session expiry    coderanch.com

3. JSP- Frequent SESSION EXPIRY    coderanch.com

4. session expiry    coderanch.com

5. Session Expiry Check    coderanch.com

6. Session Expiry Check    coderanch.com

7. Session expiry in servlet    coderanch.com

8. Implementing password expiry using sessions    coderanch.com

Seems to me that enforcing frequent PW changing is exactly what you don't want. The reason being that this will push people toward easily remembered (and thus easily broken) PWs -or- to writing down the passwords where they can be stolen. Instead, enforce rules on length, etc and push the users toward better PW management. Expiring PWs to prevent zombie accounts, ...