The session expiry controlls the login. The cookie expiry is irrelevant.
Thanks for the reply Scott. It's very much appreciated.
Well obviously I'm looking in the wrong place then, I'll do a bit more research.
Essentially what I need is for the session to expire after 15 minutes of inactivity.