-
Yes
-
Not really, but you can verify your change by login to admin and go to your profile. Wait 18 hours and try to submit. It should fail.
-
The longer the nonce expiration time is the longer an attacker might be able to trick you into performing unintended operation (but there is actually very slim chance for that unless you have an http site and like to use it in public wifi/networks, but then nonce is not your biggest problem).
