Table of Contents
Used for authentication after login. This holds the necessary data to (re)login a previously authenticated user.
Importance: necessary for anyone who needs to log in
Typical content: encrypted username and password
Expires: in a year 1)
Used for remembering helpful user preferences, like the size of the editor textarea.
Typical content: name/value pairs in plain text
Expires: in a year
The standard PHP session identifier. Used to hold temporary data and to avoid CSRF attacks.
Typical content: random ID
Expires: at the end of the browser session
The Cloudflare __cfduid cookie is used to override any security restrictions based on the IP address the visitor is coming from. For example, if the visitor is in a coffee shop where there are a bunch of infected machines, but the visitor's machine is known trusted, then the cookie can override the security setting. It does not correspond to any userid in the web application, nor does the cookie store any personally identifiable information 2).