且构网


Creating a secure login using PHP sessions and cookies

Updated: 2023-02-02 18:16:01

There is no such thing as a secure cookie UNLESS it's transmitted over SSL only. It can be mitigated some when using a persistent non-session cookie (like remember me), by doing exactly what you're doing, but not in the same way you're thinking of doing it.

You can indeed store server variables such as the user-agent, the IP address and so forth (and even JavaScript variables), but they are only good for validating that the persistent cookie data matches the client's new connection. The IP address isn't a good idea except when you know that the client (like you only) isn't going to change on every page load (a la AOL).

Modern web browsers and 3rd party services like LastPass can store login credentials that only require a key press (and sometimes not even that) to send the data to the login form. Persistent cookies are only good for those people who refuse to use what's available otherwise. In the end, persistent, non-session cookies are not really required anymore.
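
The check described in the answer above, as an added example that is not part of the original answer: a persistent "remember me" token is sent in an HTTPS-only cookie and is accepted later only if the user-agent of the new connection matches the one recorded at issue time. The function names, the `remember` cookie name, the 30-day lifetime and the in-memory `$tokenStore` (standing in for a database table) are assumptions of this example; the options-array form of `setcookie()` needs PHP 7.3 or later.

```php
<?php
// Constructed in-memory store standing in for a database table (assumption).
$tokenStore = [];

/** Issue a remember-me token and record the user-agent it was issued to. */
function issueRememberToken(array &$store, int $userId, string $userAgent): string
{
    $token = bin2hex(random_bytes(32));          // value sent to the client
    $store[hash('sha256', $token)] = [           // only the hash is kept server-side
        'user_id' => $userId,
        'ua_hash' => hash('sha256', $userAgent),
        'expires' => time() + 30 * 86400,
    ];
    return $token;
}

/** Send the token in a cookie that the browser returns over HTTPS only. */
function sendRememberCookie(string $token): bool
{
    return setcookie('remember', $token, [
        'expires'  => time() + 30 * 86400,
        'path'     => '/',
        'secure'   => true,    // transmitted over SSL/TLS only
        'httponly' => true,    // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
}

/** Return the user id if the cookie data matches the new connection, else null. */
function validateRememberToken(array &$store, string $token, string $userAgent): ?int
{
    $key = hash('sha256', $token);
    $row = $store[$key] ?? null;
    if ($row === null || $row['expires'] < time()) {
        return null;                             // unknown or expired token
    }
    // The user-agent must match the recorded one; the IP address is deliberately not checked.
    if (!hash_equals($row['ua_hash'], hash('sha256', $userAgent))) {
        unset($store[$key]);                     // this example revokes the token on mismatch
        return null;
    }
    return $row['user_id'];
}

// Constructed sample values.
$ua = 'Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0';
$t  = issueRememberToken($tokenStore, 42, $ua);
var_dump(validateRememberToken($tokenStore, $t, $ua));
var_dump(validateRememberToken($tokenStore, $t, 'OtherAgent/2.0'));
```

A successful validation should start a fresh session rather than be treated as a full login; sensitive actions can still ask for the password again.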