What is the difference between session and cookies?
Cookies are small text files that websites store on a user’s device. They contain data about the user’s interaction with the website and help recognize the user and remember their preferences, like language, color, theme, etc. On the other hand, a session is a way for websites to remember the user’s visit while they are actively browsing.
Here are the main differences between session and cookies:
|Storage location||Stored on the server side and exists as long as user’s session||Stored on the client side (user device) and sent back to the website with each request the user makes|
|Lifespan||Expires as soon as the user ends the session or closes the browser||Expires after a specified duration|
|Storage size||Can store 120MB of data||Can store only 4KB of data|
|Storage format||Stores data in binary or encrypted form||Stores data as text files|
|Security||Data stored in encrypted form can only be decrypted at the server||Less secure than session. Stored data can be read by anyone with unauthorized access|
Most websites save session IDs as cookies and such cookies are called session cookies as they last for a session. Unlike other cookies, session cookies are never stored on your device.