I'm not quite sure what you're using this for, but if it has anything to do with security, just remember that you can't trust the client. There is no reason anyone has to obey your request to remove this cookie after 2 minutes. If you really need to do this sort of thing safely, you should set a cookie with the time that the clock started ticking and a message digest to make sure it isn't tampered with. Then you can look at that on the server side and see if it has been 2 minutes yet or not.