Authentication: Part III(Timeout)
We can prevent lingering sessions from being taken advantage of by implementing a timeout (time limit). After the timeout, the user will be asked to re-enter his/her password. This way, the user can verify they are who they claim to be without being sent back, to the login page.