What are the implications of using 'low' security in cakephp?

Question

I had an authentication problem in cakephp, when positing credentials from an external site the authentication would work, and then get immediately lost, with the site promp

Answer 1

two things happens when setting to 'low'

1)timeout is bigger

2)if session highjacking is easy, then it will be easier! since the session dosent regenerate between requests as when set to 'high'!

and nothing else.

by the way you can change for a specific page the security level or the session timeout or both... so it is not a no-undo-choice