While researching some information regarding managing state and session in web a

Question

While researching some information regarding managing state and session in web applications, I stumbled across this nugget of information:

67 is the first useful prime number after 60. (Yes, 61 is a prime, too, but it's too close to 60 to be of use.) Setting timeouts in durations of primes is common because it lessens the likelihood that two timeout sessions will overlap.

Of course, that's completely anecdotal and may not in any way be the reason why they chose 67 minutes, but that's always made sense to me.

At first glance, this seems to make perfect sense to me, and traditionally, I've never given a lot of thought to the variance of sessions timing out, but I wonder how much (if any) this strategy has been put into place in practice? Would making a change to timeouts ending on prime numbers really have that much of an effect long-term in a large scale application? Or would a change like this go mostly unnoticed?

In other words, is this really anecdotal? Or is it something that should be strongly considered as a best practice?

Explanation / Answer

I believe what the author was getting at was not that two web sessions would be less likely to end at the same time if they were each 67 minutes long, but rather that the end of web sessions would be less likely to overlap with other events (like the server being cycled, backups going off, system going down for maintenance, updates being applied) that tend to be an exact number of hours (often 24 or a multiple of it) apart.

All of this only matters if important and timeconsuming work happens at session end (I have written systems that persist unsaved drafts on session end just in case).

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.