- The main difference between cookies and sessions is that cookies are stored in the user’s browser, and sessions are not. This difference determines what each is best used for.
- A cookie can keep information in the user’s browser until deleted. If a person has a login and password, this can be set as a cookie in their browser so they do not have to re-login to your website every time they visit. You can store almost anything in a browser cookie.
- The trouble is that a user can block cookies or delete them at any time. If, for example, your websites shopping cart utilized cookies, and a person had their browser set to block them, then they could not shop at your website.
- Sessions are not reliant on the user allowing a cookie. They work instead like a token allowing access and passing information while the user has their browser open. The problem with sessions is that when you close your browser you also lose the session. So, if you had a site requiring a login, this couldn’t be saved as a session like it could as a cookie, and the user would be forced to re-login every time they visit.
- Also we can set time out for sessions. For Ex: if we set time out for sessions then after certain time period as specified it will expire and user need to login again.
Reference : Dilip Kumar Jena ( https://mstechexplore.wordpress.com )