Session Timeout Auto Logout...

You then set the time to time() + 1800 rather than to 0.

No. You either have a cookie that expires after a set number of seconds or a cookie that expires when the browser closes. Not both (you can have both, but it involves more server side code).

1. I don't know why that would be. Keep in mind you're not just changing this one place in the code, the assumption is all over.
2. That was what you should be doing by editing files in the way I described.
3. No
4. Instead of doing the ternary statement, you just set it to a constant time() + 1800.

No, when I say "all over" I mean "anywhere where we're setting a login cookie"

If all you're doing is replacing time() + 31536000 with time() + 1, then you're doing it wrong. Expiration is still set to 0 if save_pass is disabled. I was fairly clear that you needed to replace the entire ternary statement, not just change one output

All righty then... I'm in the saddle now - thank you so much, Smartys!

Woops... I cannot figure out this next thing.
I thought it was all good, but then while the user is active in the session, no matter, when the time is up the user's session is killed.
  Which where is the 'right place' to set it so that the session stays active as long as the user does something within the timeout period set?

Now it would seem to me that..
1) Whenever an action is taken there is a flow through common.php and functions.php, and
2) so it seems check_cookie() function in common.php gets triggered on any event, such as clicking a link to another page, and then
3) that function is them run from functions.php, which
4) sets the "new $now()" time
5) which then updates the value in $expire = $now + 1800; (that I have configured there.
6) which should be getting used on down the line - thus keeping the cookie time 'within bounds'.

Or something like that - no?

Well,
Kindly forgive me for intruption, But Smartys is not this all possible (whatever twohawks wants except auto log-out for certain no of idle minutes) if the user dont view  "Save Username and Password between visits" setting in user's profile:privacy form, or while completing the registration process. & internally the administrator sets this setting as disabled globally for all., If yes than how to disable this setting permanently & hide the "Save Username and Password between visits" setting in user's profile:privacy form & also in registration form.

Nope, I think that's not correct.
In fact, it appears that, in the functions.php file (which definitely gets called for a cookie check via common.php anytime we do things)
...the cookie gets updated (pun_setcookie) only if authentication fails.  So either the 'so-called'  timer runs out, or the user set save_pass so the timer does not matter

So in fact, it appears there is no code written there that checks the updated $expire time(r), and then updates the cookie with the new $expire value!

So if I didn't overlook somethng or misunderstnad the check_cookie functionality, then it would seem I need to write a little bit of code that will do just that.

Your input on this is most welcome.

(Oh and @Divnain, yeah, I already took care of all that, thanks.)

All righty then... now that I'm on track, can you tell me, can I simply reset the expire value inthe cookie and leave the rest, or do I have to re-write all values to the whole thing?

So IOW, ...

So then I can get away with
pun_setcookie(, , $expire);

Or Must I do:
pun_setcookie($cookie['user_id'], $cookie['password_hash'], $expire);

LOL... hey chief, thanks for all your guidance.