History

There are 5 versions of this glossary term.
For most of us, we have a single sign-on  (SSO) solution in place to enable our visitors/members to access pages and functionality across all of our various applications (content management, connected community, ams e-commerce , etc...).  Cookies are the glue that hold this single sign-on experience together.  A "cookie" is dropped by your main authentication process, and within this "cookie" is the information needed by your other applications when you hand a visitor/member over from one application to the other.

Most "cookies" have relatively short life spans (just like in real life).  It is common for "cookies" to expire after 20 minutes.  An aggressive cookie strategy, therefore, is simply choosing to increase the lifespan of a "cookie" to an hour, a day, a week, a year or for a very, very long time.   The benefit to this approach is that as long as a visitor/member comes back to your site using the same machine and the same browser, their "cookie" will be recognized and they will not be asked to log in.

Obviously, an aggressive cookie strategy emphasizes member convenience over security (although the overall security risk is minimal), so you should never implement it unless you have thought thru the trade-offs.

(Thanks, Brett!)


Revised By: Kathleen Simpson Revised On: Jan 6, 2012 3:26 PM
Characters Edited: 22 Total: 1336
For most of us, we have a single sign-on  (SSO) solution in place to enable our visitors/members to access pages and functionality across all of our various applications (content management, connected community, ams e-commerce , etc...).  Cookies are the glue that hold this single sign-on experience together.  A "cookie" is dropped by your main authentication process, and within this "cookie" is the information needed by your other applications when you hand a visitor/member over from one application to the other.

Most "cookies" have relatively short life spans (just like in real life).  It is common for "cookies" to expire after 20 minutes.  An aggressive cookie strategy, therefore, is simply choosing to increase the lifespan of a "cookie" to an hour, a day, a week, a year or for a very, very long time.   The benefit to this approach is that as long as a visitor/member comes back to your site using the same machine and the same browser, their "cookie" will be recognized and they will not be asked to log in.

Obviously, an aggressive cookie strategy emphasizes member convenience over security (although the overall security risk is minimal), so you should never implement it unless you have thought thru the trade-offs.



Revised By: Kathleen Simpson Revised On: Jan 6, 2012 3:24 PM
Characters Edited: 7 Total: 1314
For most of us, we have a single sign-on  (SSO) solution in place to enable our visitors/members to access pages and functionality across all of our various applications (content management, connected community, ams e-commerce , etc...).  Cookies are the glue that hold this single sign-on experience together.  A "cookie" is dropped by your main authentication process, and within this "cookie" is the information needed by your other applications when you hand a visitor/member over from one application to the other.

Most "cookies" have relatively short life spans (just like in real life).  It is common for "cookies" to expire after 20 minutes.  An aggressive cookie strategy, therefore, is simply choosing to increase the lifespan of a "cookie" to an hour, a day, a week, a year or for a very, very long time.   The benefit to this approach is that as long as a visitor/member comes back to your site using the same machine and the same browser, their "cookie" will be recognized and they will not be asked to log in.

Obviously, an aggressive cookie strategy emphasizes member convenience over security (although the overall security risk is minimal), so you should never implement it unless you have thought thru the trade-offs.



Revised By: Brett Wangman Revised On: Dec 19, 2011 2:13 PM
Characters Edited: 12 Total: 1307
For most of us, we have a single sign-on  (SSO) solution in place to enable our visitors/members to access pages and functionality across all of our various applications (content management, connected community, ams e-commerce , etc...).  Cookies are the glue that hold this single sign-on experience together.  A "cookie" is dropped by your main authentication process, and within this "cookie" is the information needed by your other applications when you hand a visitor/member over from one application to the other.

Most "cookies" have relatively short life spans (just like in real life).  It is common for "cookies" to expire after 20 minutes.  An aggressive cookie strategy, therefore, is simply choosing to increase the lifespan of a "cookie" to an hour, a day, a day or for a very, very long time.   The benefit to this approach is that as long as a visitor/member comes back to your site with the same machine and the same browser, their "cookie" will be recognized and they will not be asked to log in.

Obvious, an aggressive cookie strategy emphasizes member convenience over security (although the overall security risk is minimal), so you should never implement it unless you have thought thru the trade offs.



Revised By: Brett Wangman Revised On: Dec 19, 2011 2:11 PM
Characters Edited: 1295 Total: 1295
Revised By: Kathleen Simpson Revised On: Dec 8, 2011 1:50 PM
Characters Edited: 0 Total: 0