The browser cookie is absolutely the best way to do this. It will only last as long as they have the browser open, so, no maintenance. This will work even if they disable cookies, I believe. Only use a permanent cookie if you want the app to remember them after the browser is closed as in something like a checkbox that says "remember me". This is the standard way of doing it. See the example at:
http://www.dotcomsolution.com/avfpdemo2/Default.aspx?action=listing>I have a very simple login page on my WW application.
>
>They enter their unique ID (no password) and the system sets a cookie with their ID.
>
>Then I use that cookie on every following page to know they are logged in and what is their ID.
>
>Is there a BETTER way to know if they passed login and not worry about they who they?
>
>Naturally I can use Windows authentication, but that is a lot more than my users would want to mess with.
>
>The simple ID is nice, but the cookies are a constant problem.