IMO the best approach is to use Domain Authentication - which DokuWiki supports. Users won't have to remember an extra password; controlling the hours
and days that a login is allowed is simple, and can easily be changed to suit
individuals; if an employed changes you can remove all their login rights in one action; you can log user activities; it doesn't have the downsides of relying solely on cookie based access control.
There may be user management plugins for DokuWiki that can give you similar capabilities to the "solution" you are pursuing.
progzmaster wrote
Is there a config option to change the login session timeout to a specific value?
Yes. It can be done in the webserver configuration (
php.ini and other mechanisms); it
would be possible to create a plugin that does it.... but neither approach is optimal if you want to do so for security purposes.
According to
https://www.dokuwiki.org/faq:cookies the session cookies expires at the end of browser session only, which is practically never, if the users using hibernation to shut down their computer.
That's a possible problem that can be solved in other ways (and BP is usually to solve it in multiple ways - network and application).
I want for example 8 hours of timeout, which is one working shift here, so the users will have to log in every day.
This also helps in that they will not forget their passwords.
There are a number of problems with that approach (the 8 hours doesn't start until they login, they remain logged in even if they are not in front of their computer, they have a separate password for DokuWiki, you are relying on users to achieve security, etc).