The Persistent Login module provides a "Remember Me" option on the user login form. Persistent Login is independent of the PHP session settings and is more secure (and user-friendly) than simply setting a long PHP session lifetime.

The 7.x version provides additional security by attempting to detect unauthorized re-use of tokens. For a detailed discussion of the design and security of Persistent Login, see Improved Persistent Login Cookie Best Practice.


  • Control how long user logins are remembered, before a user will have to enter their credentials again.
  • Control how many different persistent logins are remembered per user.
  • Control which pages a remembered user can or cannot access without explicitly logging in with a username and password (e.g. you cannot edit your account or change your password with just a persistent login). (7.x only)
  • A user can clear all of his/her remembered logins via their account page. (7.x)

Known Issues

Get Involved

If you're interested in getting involved in module development but don't know where to start, reach out to gapple (@gappleca on Twitter).

Project information