hey,
AFAIK there are 2 kinds of cookies, being the expiring cookies and the session cookies. Session cookies are stored in memory and expire when the browser session ends (which seems a bit handier in this case). Check RFC 2109 for a more detailed explaination. To be really secure, you can always use SSL

Greetz
Beatnik
... Quidquid perl dictum sit, altum viditur.