A couple of things come to mind here:

1. Is there any pattern to the lost authentications? Meaning, is it always after 20 minutes or is it really seemingly random?

2. Since you are on shared hosting, do you explictly set your machine keys in your web.config? If you do not and they are set to auto generate, the keys will be different if your application is load balanced. Thus you authenticate on server A and some subsequent request goes to server B, your application will not be able to decode the authorization cookie and ‘kick you out’

In a Web farm, you cannot guarantee which server will handle
successive requests. If a user is authenticated on one server and the
next request goes to another server, the authentication ticket will
fail the validation and require the user to re-authenticate. The
validationKey and decryptionKey attributes in the machineKey element
are used for hashing and encryption of the forms authentication
ticket. The default value for these attributes is
AutoGenerate.IsolateApps. The keys are auto-generated for each
application, and they are different on each server. Therefore,
authentication tickets that are encrypted on one computer cannot be
decrypted and verified on another computer in a Web farm, or in
another application on the same Web server. To address this issue, the
validationKey and decryptionKey values must be identical on all
computers in the Web farm.

See here for more information on that second bit.