[eluser]gtech[/eluser]
Yes the session id is updated every 5 minutes (300 seconds), this is the default value if the value is not set in the config. If you look in the session.php code in the libraries directory (search for time_to_update in the file) you will see the new session being generated and the cookie/user data being updated to reflect the change.
The session id regeneration is there as a security measure to prevent session hijacking. 5 minutes is considered a good interval as if the interval is too short it will increase processor load.
Sources:
[url="http://xqus.com/regenerate-php-session-id"]Xqus.com, exaplaining why we need to update the session id[/url]
[url="http://www.derekallard.com/blog/post/enhanced-codeigniter-session-library/"]Derek Allards Site, explaining the new config value and 'session fixation'[/url]
[url="http://ellislab.com/codeigniter/user-guide/libraries/sessions.html"]CI documentation[/url]
