We have an e-commerce site and have traditionally tracked users from day to day using persistent cookies. We want to make sure we are using the most stable method possible, especially during a given user session, and we want to make sure it is secure (i.e. PCI compliant). We know we should not use sequential numbering systems for the cookies and we figure on encrypting anything we store as a cookie.
It is getting somewhat more difficult to track users, even during a session, because some of the Internet Security software suites seems to get in the way for a few users. We have users on Macs and PC's and on a wide range of operating system and browser versions.
But I think there are probably standards in the ColdFusion community about this, and we should probably re-think our methods. So what is the preferred methodology for tracking users?
We have CF9 running on Windows servers. Thanks.