I would like to obtain your feedback as to know if you are still using cookies when developing a Web site to keep the authentication? Either as http or https, I would like to know if you prefer to pass the authentication in a query string, by some kind of encrypted (or not) session ID, at every hit instead.