12-24-2009, 07:11 AM   #1
Killswitch
Remember me login w/ cookies

Had a quick question. I have never messed with cookies before, but I know how they work. I am working on a user login and want to be able to use a remember me option, using cookies to do so.

I basically have it set up so I save the user's id, username, password (salted and hashed), a unique token value and expiration in a cookie, and it is also saved in a database for lookup.

My question: is there any problem with storing a username and password in a cookie if the password is hashed and salted? The way I process the login, there is no sending of this value raw to the login methods. If so, the salted and hashed password in the cookie will be salted and hashed, returning a different value.

Sorry for noobness with cookies, but never used this feature before.

Oh yeah, also, when checking the cookies with what was entered in the database upon setting the cookie, I do it strictly. Every single piece of data must match or I remove the token information. I am also doing other small things such as checking the user agent and am using Kohana 2.4 session/cookie handling. Thanks.
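An added example, not part of the original post and not Kohana code: a plain-PHP sketch of the strict check the post describes, where token, expiration and user agent must all match or the stored token is removed. It assumes the cookie carries only the user id and a random token, with a hash of the token kept server-side; the function names, the `$store` array standing in for the database table, and the lifetime are hypothetical.

```php
<?php
// Added example with hypothetical names; $store stands in for the database table.

const REMEMBER_TTL = 1209600; // 14 days in seconds (constructed value)

// Create a token record for the user and return the value to place in the cookie.
function issue_remember_token(array &$store, int $userId, string $userAgent, int $now): string
{
    $token = bin2hex(random_bytes(32));          // unique, unguessable token
    $store[$userId] = [
        'token_hash' => hash('sha256', $token),  // only a hash of the token is stored
        'ua_hash'    => hash('sha256', $userAgent),
        'expires'    => $now + REMEMBER_TTL,
    ];
    return $userId . ':' . $token;
}

// Return the user id when every stored field matches, otherwise null.
function check_remember_cookie(array &$store, string $cookie, string $userAgent, int $now): ?int
{
    $parts = explode(':', $cookie, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0])) {
        return null;                             // malformed cookie, nothing to look up
    }
    $userId = (int) $parts[0];
    $token  = $parts[1];
    if (!isset($store[$userId])) {
        return null;                             // no remembered login for this user
    }
    $row = $store[$userId];
    // hash_equals() compares in constant time, so the check does not leak
    // how many leading characters of the token were correct.
    $ok = hash_equals($row['token_hash'], hash('sha256', $token))
        && hash_equals($row['ua_hash'], hash('sha256', $userAgent))
        && $now < $row['expires'];
    if (!$ok) {
        unset($store[$userId]);                  // strict: any mismatch removes the token
        return null;
    }
    return $userId;
}

// Constructed sample run: issue a cookie, then check it with two user agents.
$store  = [];
$cookie = issue_remember_token($store, 42, 'ExampleBrowser/1.0', 1000);
var_dump(check_remember_cookie($store, $cookie, 'ExampleBrowser/1.0', 2000));
var_dump(check_remember_cookie($store, $cookie, 'OtherBrowser/2.0', 2000));
```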