Currently the GMail SaveToCRM Authentication token appears to last for about an hour, at which point it requires you to reconnect to the CRM.
It would be easier for users to not have to do this multiple times a day and continue to stay logged in for an extended period.
Yes. Absolutely necessary.
1 month token expiry would be ideal. If the user can login to their email, chances are that the client is authorised anyway.