What are Cookies
Note: Our web site requires cookies, so if you disable or selectively disable cookies, be sure to allow them for access to our content.
Cookies are small data files sent by a Web site to your browser. The Web site may send one or more cookies to you. Your computer stores cookies on the hard drive. The Web site may ask for a cookie to serve you the proper web page. The cookie sent back to the web site will be the same cookie they had given you previously.
Cookies allow Web sites to maintain information on a particular user across HTTP connections. The current HTTP protocol is stateless, meaning that the server does not store any information about a particular HTTP transaction; each connection is "fresh" and has no knowledge of any other HTTP transaction. "State" information is information about a communication between a user and a server, similar in many ways to frequent flyer profiles or option settings in desktop software. (For example, a preference for aisle or window seats is cookielike information that a frequent-flyer program might store about one of its customers.) In some cases it is useful to maintain state information about the user across HTTP transactions.
What kind of information can cookies store?
Cookies can be used to store information about a user that either the user or the Web site provides. Some scenarios include the following:
Alice is shopping at a particular Web site that uses a shopping cart. She puts items into a shopping cart by clicking a link or an "Add to Shopping Cart" button. Cookies are used to store the contents of Alice's shopping cart so she can conveniently purchase a cart full of items rather than one item at a time.
Bob clicks around a Web site that allows users to view articles for a small charge. Cookies can be used to store information about which articles he has viewed (that is, a list of URLs) so that he can pay for them all at once rather than each time he downloads an article.
Carl fills out a Web form with his name, address, and other information. Cookies can be used to store this information so that the next time Carl visits the site, the information is automatically uploaded and he doesn't have to provide it again. Cookies we send you will never reveal your personal information. Specifically, we never store names, email address, or credit card numbers.
Don logs in to a Web site that requires a user name and password. When Don's user name and password pair is successfully verified, the server passes down a cookie that functions as a "guest pass" allowing him access to certain areas of the Web site. After a set time period, perhaps half an hour or a day, the guest pass expires and Don must log in again.
In each of these examples there are only two ways to store data: either the server provides it (as in the last example) or the user provides it by taking some action (such as clicking a link or button or filling out a form).
Can cookies read information from a user's hard drive?
No. Cookies can only store data that is provided by the server or generated by an explicit user action.
Can cookies be used to gather sensitive information, such as a user's email address?
No. Cookies cannot be used to gather sensitive information. Cookies can only store data sent from the website. Cookies are passive data structures that are delivered to the client, stored on the client's hard drive, and returned only to the same server that sent the cookie in the first place.
Where are cookies stored?
Cookies are stored on the user's hard drive (although during actual communication it is stored in your browser's memory). The directory is different for each platform.
How long do cookies last?
A Web site may set a 'long-term' cookie by choosing a future expiration date, generally one year from today. This cookie recognizes you when you enter the website and allows you certain features without having to log in.
A 'short-term' cookie specifies a date in the past, and is deleted when you close your browser. This would require you to log in each time you visit the site to use certain enhanced features. The cookie remembers you as you surf through the site
Your account allows you to choose to have the long-term cookie disabled. This is recommend if the primary place you access the internet is on a public computer, such as a library or Internet Cafe.
Can malicious sites read cookie information sent by another site?
No. Cookies are designed to be read only by the site that provides them. Your computer will not recognize any request for another websites cookie.
Can cookies be encrypted?
Yes. The information we store in a cookie is encrypted using 132 bit encryption schemes. In addition, cookies used during secure transactions, such as payments or purchases, will be delivered and received only in the context of a Secure Sockets Layer (SSL) session. The SSL session involves additional encryption of data.
How do I accept or reject cookies.
The normal state for your computer is to accept cookies, unless you or someone else has changed your browser's settings.
Depending on your browser type and settings, you may be alerted when a site is about to set a cookie on your hard drive. If notified of the cookie installation you may accept or reject the cookie.