Cookies have some excellent security features ("secure" flag, "http" flag to prevent javascript from acesssing it, and "same-site" flag for CSRF prevention on modern browsers).
Don't use other storage mechanisms for storing anything secret. Nothing beats cookies today.
Don't use other storage mechanisms for storing anything secret. Nothing beats cookies today.