FormsAuthentication uses the machineKey (web.config) for encryption and decryption of the token. Often on shared hosts the machineKey is set to AutoGenerate which causes the token to be considered invalid (since the key for encryption and decryption is not the same). The solution is to fix a machineKey in your web.config:
Adding a machineKey fixes the problem of being logged out every 30 seconds or so. This is because the machineKey is required for forms authentication. I'm running nopCommerce 2.65.
First, you need to generate a machineKey. Got to http://aspnetresources.com/tools/machineKey and generate the machineKey online. The generator will give you the code that you need to insert into web.config in your Nop.Web app.
The generated code will look something like this (by the way, don't copy and paste from here, generate your own code!):
Once you have the code like above, insert it inside your <system.web></system.web> tags in web.config. I put it right after the </authentication> tag like so: