diff --git a/config/jwt.php b/config/jwt.php
index 30eabfa..bc6f9ef 100644
--- a/config/jwt.php
+++ b/config/jwt.php
@@ -38,7 +38,7 @@
     |
     */
 
-    'refresh_ttl' => 20160,
+    'refresh_ttl' => 43200, //30 days
 
     /*
     |--------------------------------------------------------------------------
diff --git a/readme.md b/readme.md
index d692a21..37d7b85 100644
--- a/readme.md
+++ b/readme.md
@@ -53,6 +53,7 @@ After cloning and installing repository:
  * tmp dir permissions needed
  * The library is tested only on linux, we don't know the behaviour of critical parts (optimisation and caldav sync) on other systems
  * Details about optimisation task [https://docs.google.com/document/d/18vCFEVrd8ENgS80hC-ACjSicDFYXV2QjoFiO3FiGZ5w/edit](https://docs.google.com/document/d/18vCFEVrd8ENgS80hC-ACjSicDFYXV2QjoFiO3FiGZ5w/edit)
+ * after 30 days you have to re-login, this for security reasons to avoid that a malicious guy can use the token to get new tokens and he stays always connected even if you change password 
 
 
 # Credits