What is the difference between session and cookies?
Cookies are small text files that websites store on a user’s device. They contain data about the user’s interaction with the website and help recognize the user and remember their preferences, like language, color, theme, etc. On the other hand, a session is a way for websites to remember the user’s visit while they are actively browsing.
Here are the main differences between sessions and cookies:

| | Session | Cookies |
|---|---|---|
| Storage location | Stored on the server side and exists as long as the user’s session lasts | Stored on the client side (user device) and sent back to the website with each request the user makes |
| Lifespan | Expires as soon as the user ends the session or closes the browser | Expires after a specified duration |
| Storage size | Can store 120MB of data | Can store only 4KB of data |
| Storage format | Stores data in binary or encrypted form | Stores data as text files |
| Security | Data stored in encrypted form can only be decrypted at the server | Less secure than a session. Stored data can be read by anyone with unauthorized access |

Most websites save session IDs as cookies, and such cookies are called session cookies because they last for a session. Unlike other cookies, session cookies are never stored on your device.
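
The split described above, as an added example that is not part of the original page: the session data stays in a server-side store, and only a random session ID travels in a session cookie, next to a persistent preference cookie for comparison. The cookie name `sid`, the in-memory `SESSIONS` store and the function names are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # server-side store (assumed in-memory): session ID -> user data


def start_session(user_data):
    """Create a server-side session; return the Set-Cookie value carrying its ID."""
    sid = secrets.token_urlsafe(32)      # unguessable random identifier
    SESSIONS[sid] = dict(user_data)      # the data itself never leaves the server
    cookie = SimpleCookie()
    cookie["sid"] = sid
    cookie["sid"]["path"] = "/"
    cookie["sid"]["httponly"] = True     # not readable by page scripts
    cookie["sid"]["secure"] = True       # only sent over HTTPS
    cookie["sid"]["samesite"] = "Lax"    # not sent on most cross-site requests
    # No Expires/Max-Age attribute: this makes it a session cookie that
    # lasts only for the browsing session.
    return cookie["sid"].OutputString()


def preference_cookie(name, value, days=30):
    """Persistent cookie for a non-sensitive preference such as theme or language."""
    cookie = SimpleCookie()
    cookie[name] = value
    cookie[name]["path"] = "/"
    cookie[name]["max-age"] = days * 86400   # expires after a specified duration
    return cookie[name].OutputString()


def load_session(cookie_header):
    """Map the Cookie request header back to server-side data, or None."""
    cookie = SimpleCookie()
    cookie.load(cookie_header)
    morsel = cookie.get("sid")
    if morsel is None:
        return None
    return SESSIONS.get(morsel.value)    # unknown or forged IDs match nothing


def end_session(cookie_header):
    """Logout: delete the server-side record so the ID stops working."""
    cookie = SimpleCookie()
    cookie.load(cookie_header)
    if "sid" in cookie:
        SESSIONS.pop(cookie["sid"].value, None)
```

After `end_session` runs, a copy of the old cookie value no longer resolves to any data, because the record it pointed to is gone from the server.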