Gossamer Forum: General: Internet Technologies: non-persistent cookies and web security (hennagaijin)

I'm trying to learn more about the difference between persistent and non-persistent cookies. As far as I can tell, it appears that persistent cookies are stored as text files on the user's hard drive, while non-persistent cookies are stored in the user's RAM as part of the browser process (?).

Is that assessment accurate? If so, it seems like it would be relatively easy to forge a persistent cookie, but rather difficult (if not nearly impossible) to forge a non-persistent cookie.

Ultimately I'm trying to figure out what security risks are associated with using non-persistent cookies for user authentication.

Thanks for any advice or suggestions.

Fractured Atlas :: Liberate the Artist
Services: Healthcare, Fiscal Sponsorship, Marketing, Education, The Emerging Artists Fund

Subject	Author	Views	Date
non-persistent cookies and web security	hennagaijin	3713	Mar 9, 2003, 9:09 AM

Re: [hennagaijin] non-persistent cookies and web security	Paul	3583	Mar 9, 2003, 9:34 AM

Re: [Paul] non-persistent cookies and web security	hennagaijin	3577	Mar 9, 2003, 10:08 AM

Subject

Author

Views

Date

non-persistent cookies and web security

hennagaijin

3713

Mar 9, 2003, 9:09 AM

Re: [hennagaijin] non-persistent cookies and web security

Paul

3583

Mar 9, 2003, 9:34 AM

Re: [Paul] non-persistent cookies and web security

hennagaijin

3577

Mar 9, 2003, 10:08 AM