If you are talking about CGI::Session then you can set the timeout in time, like +3h, instructing it to expire in 3 hours. I _believe_ it would be something like: $session->invalidate("+3h");

Another option would be to have an external script that cleans your DB file every so often. Have a little script that removes sessions that are 5 hours old that is automatically run a few times a day.