Just an idea... lol kinda neat, maybe not...
How about having a short expire time, such as 2 or 3 days or how ever long configured, but as the person browses keep updating the cookie's expiration time to be how ever long so that if the user is visiting ever couple of days they are always logged in but if they should laps for more than 3 days the cookie expires?
/me continues on with what ever it was he was doing before...