User challenged for user credentials for every 5 minutes of inactivity while editing the site using FrontPage.


Website configured for Digest Authentication


It is a default behavior of the Digest Authentication to challenge the user for user credentials for every 300 seconds (5 minutes) of inactivity. However, there is a registry key which can be set to change the timeout period.

The above article also mentions that there is a registry entry DigestContextCacheTTL which may help to increase or decrease the time limit


Setting the following registry key may allow the user to change the timeout period:


Registry Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InetInfo\Parameters

Data Type: REG_DWORD

Default Value: 300 (seconds)

Range: 0 - 4,294,967

When using Advanced Digest Authentication, this value overrides the Time To Live (TTL) setting for fully formed security contexts after the first authentication request succeeds.