Originally Posted by howitzer9
So it should be the members who control the level of security they require on their own data. No?
Amen. The same principle's used by Amazon, Facebook, Google, Yahoo and 100s of other sites that make sensitive information available when you're logged on.
Plus, if you leave your computer unlocked for long periods in a public place you're leaving your email, documents etc etc open to theft. The security issue here is "leaving your session unlocked and unattended in a place where there are people you don't trust", not "one website not logging me out after 30 minutes of inactivity, during which anything could have happened".
Just my 2c, but I'd say trust your members and make the site more usable.