In Session
Specifies the number of minutes that a session can remain idle before the server terminates it automatically. The default is 10 minutes. Session.Timeout has no hard-coded limit. Most Web administrators set this property to 8 minutes. It should not be set higher than 20 minutes (except in special cases) because every open session is holding onto memory. It should also not be set lower than 4 minutes because clients rarely respond within that time resulting in a loss of session state.
<configuration>
<system.web>
<sessionState timeout="20"></sessionState>
</system.web>
</configuration>
If the user does not refresh or request a page within the time-out period, the session ends.
And check if session is null in MasterPage load event
if(Session["UserID"]==null)
Response.Redirect("Login.aspx");
User
HTML <meta> Tag
While being able to reload the current page is useful, it is not typically what people want from the meta refresh tag. To redirect to a new page, the syntax is nearly the same as reloading the current page:
<meta http-equiv="refresh" content="600">
content="600"—This is the amount of time, in seconds, until the browser should reload the current page.this time it will redirect to login page if session in null
Get MoreInfo
redirect-meta-refresh.phtml[
^]