I'm having the same issues and I can't figure out whats going on.
For my current projects panel (latest Kirby):
On my localhost I never get logged out.
On the development server I never get logged out.
On the same development server the client, at some days, gets logged out constantly and at some days not.
(she tried various browsers and two different computers, reboots and everything)
It happens with or without the return sha1($SERVER['HTTPUSER_AGENT']); change.
(On other projects, I basically never get logged out and my collegae does sometimes when we work together on the same site)
Very frustrating because I just can't understand why
Anyone have another idea?