Docs: Clarify behavior in wp_set_auth_cookie().

Clarifies how long authentication cookies are set for when setting the `$remember` parameter.

Props johnbillion, khoipro, rollybueno, shailu25, siliconforks, wildworks, zodiac1978.
Fixes #63230.


git-svn-id: https://develop.svn.wordpress.org/trunk@61188 602fd350-edb4-49c9-b593-d223f7449a82

Author: peterwilsoncc

src/wp-includes/pluggable.php

@@ -1047,11 +1047,13 @@ function wp_parse_auth_cookie( $cookie = '', $scheme = '' ) {
 
 if ( ! function_exists( 'wp_set_auth_cookie' ) ) :
 	/**
-	 * Sets the authentication cookies based on user ID.
+	 * Sets the authentication cookies for a given user ID.
 	 *
-	 * The $remember parameter increases the time that the cookie will be kept. The
-	 * default the cookie is kept without remembering is two days. When $remember is
-	 * set, the cookies will be kept for 14 days or two weeks.
+	 * The `$remember` parameter controls cookie persistence:
+	 * - If true, the cookie is persistent (default 14 days, filterable via {@see 'auth_cookie_expiration'}).
+	 * - If false, the cookie is a browser session cookie (expires when the browser closes).
+	 *   Internally, {@see 'auth_cookie_expiration'} is still applied, to expire the login after
+	 *   two days or when the browser is closed, whichever occurs first.
 	 *
 	 * @since 2.5.0
 	 * @since 4.3.0 Added the `$token` parameter.