On 11 Mar 2014, at 12:39, Karsten Kusche <karsten at heeg.de> wrote: > Here’s a general approach to implement Remember-me cookies: http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/ That is an excellent write up. Thanks for sharing it. Yes, the one-time-use and re-issue is necessary too.