Sign in through GitHub

Please read for an updated status on RailsCasts:

Learn more or hide this

Olli Huotari's Profile

GitHub User: holli

Comments by Olli Huotari

Avatar

Signing cookie adds overhead to the size (http://yuiblog.com/blog/2007/03/01/performance-research-part-3/). So that depends on the security you need.

For better security you want to save also a expiry time inside the cookie and sign it. Then you can check e.g. that the cookie isn't more than year old so that info in old computers cannot be abused. But in most cases the way described in this screencast is enough.