I have this code:

<!--#include virtual="/ezHomepage/common/CommonCode.asp"-->
<%
CheckID()
Dim strUName, strPassword
strUName= rplStringIn(Trim(Request("ezUName")))
strPassword = Trim(Request("ezPwd1"))

Dim rsUsers
set rsUsers = Server.CreateObject("ADODB.Recordset")
strSQL = "SELECT * FROM ezStartpage WHERE ezUName = '" & strUName & "';"
rsUsers.Open strSQL, objConn, adOpenForwardOnly, adLockOptimistic, adCmdText


If rsUsers.EOF Then
Session("ezUName") = strUName
If Request("SecondTry") = "True" Then
Response.Redirect "/ezHomepage/startpage.asp"
Else
Response.Redirect "/ezHomepage/users/login.asp?Page=home&SecondTry=True"
End If
Else
While Not rsUsers.EOF
If UCase(rsUsers("ezPwd1")) = UCase(strPassword) Then
Dim strName, strValue
For Each strField in rsUsers.Fields
strName = strField.Name
strValue = strField.Value
Session(strName) = strValue
Next
Session("blnValidUser") = True
Session.Timeout = 360
Response.Redirect "/ezHomepage/users/mypage.asp?Action=" & rsUsers("UserID") & "&UID=" & rsUsers("ezUName") & "&Page=mypage"
Else
rsUsers.MoveNext
End If
Wend
Session("ezUName") = Request("ezUName")

If Request("SecondTry") = "True" Then
Response.Redirect "/ezHomepage/startpage.asp?Page=home&Head=home"
Else
Response.Redirect "/ezHomepage/users/login.asp?Page=home&SecondTry=True&WrongPW=True"
End If
End If

rsUsers.Close
Set rsUsers = Nothing
objConn.Close
Set objConn = Nothing
%>

The Session ends between 20 and 60 minutes can anyone tell me whats wrong?

try sticking that piece of code at the beginning of your page like so:

<!--#include virtual="/ezHomepage/common/CommonCode.asp"-->
<%
Session.Timeout=360
CheckID()
Dim strUName, strPassword
strUName= rplStringIn(Trim(Request("ezUName")))
strPassword = Trim(Request("ezPwd1"))


But be bindful of the security issue when you let your session remain active for 6 hours.
It doesn't make sense but above should work for you.

Thanks I'll try that!

The 6 hours was a test, I realy want it to time out after an hour.