they expire so if you leave the computer and someone else comes into the
office/internet cafe/or even your computer at home, they won't be able to
reestablish your session.
some sites don't expire their cookies (well they do, but like in 4 years,
MSN being the worst).
----- Original Message -----
From: "Philip Mak" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 03, 2000 11:13 AM
Subject: Should cookies expire?
> I have a general question about websites that use cookies to store session
> information:
>
> Why should they expire at all?
>
> Let me give you an example. Yesterday, I was at Amtrak Rail's website to
> purchase train tickets. Now, I multitask a lot, and sometimes I might
> leave one browser window idle while I go to do something else.
>
> So I'm browsing the possible rides I can get on, then I do something else
> for half an hour. I go back to the browser window with Amtrak, and then
> when I click something it tells me that my session has expired and I'll
> have to login again!
>
> Gritting my teeth, I login again and start the process over. This time I
> finish the reservation and minimize the window.
>
> Later that night, I want to check my reservation again. I maximize that
> window and click something ... oops, session expired again!
>
> I realize that in a computer lab environment, automatic session expiration
> may be needed for security purposes, but I think in the situation
> mentioned above, it was excessive.
>
> What do people think about this?
>
> -Philip Mak ([EMAIL PROTECTED])
>
