diff --git a/app/Http/Middleware/PasswordProtection.php b/app/Http/Middleware/PasswordProtection.php
index 3c0275d68b57..5d1ad6581faf 100644
--- a/app/Http/Middleware/PasswordProtection.php
+++ b/app/Http/Middleware/PasswordProtection.php
@@ -31,22 +31,23 @@ class PasswordProtection
 */
 public function handle($request, Closure $next)
 {
- // {nlog($request->headers->all());
- // nlog($request->all());
 $error = [
 'message' => 'Invalid Password',
 'errors' => new stdClass,
 ];
- nlog(Cache::get(auth()->user()->hashed_id.'_logged_in'));
- nlog($request->header('X-API-OAUTH-PASSWORD'));
+ $timeout = auth()->user()->company()->default_password_timeout;
+ if($timeout == 0)
+ $timeout = null;
+ else
+ $timeout = now()->addMinutes($timeout);
 if (Cache::get(auth()->user()->hashed_id.'_logged_in')) {
 Cache::pull(auth()->user()->hashed_id.'_logged_in');
- Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
+ Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
 return $next($request);
@@ -68,12 +69,12 @@ class PasswordProtection
 //If OAuth and user also has a password set - check both
 if ($existing_user = MultiDB::hasUser($query) && auth()->user()->has_password && Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))) {
- Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
+ Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
 return $next($request);
 } elseif($existing_user = MultiDB::hasUser($query) && !auth()->user()->has_password){
- Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
+ Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
 return $next($request);
 }
 }
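Review bot: A `default_password_timeout` of 0 becomes `$timeout = null`, and in Laravel a null TTL passed to `Cache::add()` stores the entry with no expiry, so the `_logged_in` marker written here and in the two later hunks never ages out and the password re-check is skipped until the cache entry is cleared. The key is only `hashed_id.'_logged_in'`, so the marker appears to be shared by every session or token of that user rather than bound to the request that proved the password. If 0 is meant as "never re-prompt", state that in a comment and consider a hard upper bound; the setting is also used unvalidated and assumed to be in minutes, which should be confirmed against how it is stored. The brace-less `if`/`else` could be written as `$timeout = $minutes > 0 ? now()->addMinutes($minutes) : null; // 0 = marker never expires`. `handle()` continues past the end of this hunk.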
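Review bot: The first condition in this hunk calls `Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))` with its arguments swapped; Laravel's order is plain value first, stored hash second, which is what the password branch in the last hunk uses. As written the stored hash is treated as the plaintext and the header as the hash, so a correct password never verifies on this OAuth path. The call should read `Hash::check($request->header('X-API-PASSWORD'), auth()->user()->password)`. Separately, `$existing_user = MultiDB::hasUser($query) && ...` assigns the result of the whole `&&` chain because `=` binds more loosely than `&&`; parenthesise the assignment if the `hasUser()` result itself is wanted. The enclosing OAuth block starts outside the hunk.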
@@ -83,7 +84,7 @@ class PasswordProtection
 }elseif ($request->header('X-API-PASSWORD') && Hash::check($request->header('X-API-PASSWORD'), auth()->user()->password)) {
- Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
+ Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
 return $next($request);