How long should users stay logged in?
It considers that longer idle time outs (15-30 minutes) are acceptable for low-risk applications. On the other hand, NIST recommends that application builders make their users re-authenticate every 12 hours and terminate sessions after 30 minutes of inactivity.
How fast should login be?
Anything longer than a few seconds will make the user lose it's focus. But there is not necessarily a maximum acceptable time for login. There are a number of factors that determine wether the user will drop the login if the duration is too long.
What is a good login page?
First, your login page should include essential elements, like a login form, a login button, and a forgotten password link. But to make your login page more inviting, it's a good idea to include some of the following things: Business logo for familiarity. Social login buttons for more choice.