Sessions1. are stored per-user in memory(or an alternative Session-State) on the server. Sessions use a cookie(session key) to tie the user to the session. This means no "sensitive" data is stored in the cookie on the users machine.
2. Session can store any type of data because the
value is of datatype of "object"
3.we cannot disable the sessions.Sessions can be used
without cookies also(by disabling cookies)
4. The disadvantage of session is that it is a
burden/overhead on server
5. Sessions are called as Non-Persistent cookies
because its life time can be set manually
Cookies 1. are stored per-user on the users machine. A cookie is usually just a bit of information. Cookies are usually used for simple user settings colours preferences ect. No sensitive information should ever be stored in a cookie.
2. Cookies can store only "string" datatype
3. We can disable cookies
4.Since the value is string there is no security
5. We have persistent and non-persistent cookies