hi all. i have a site which i expect will get a bit of traffic and im looking at using cfcookie rather than session variables to track my logged in users. my only question is.. lets say someone logs in OK.. i get their memberID from the database, for example: 1050. i set this in the cookie ie, <cfcookie name="themember" value="1050">. whats to someone from going into the cookie on their machine, finding their user id and changing it to something else? and then seeing information on my site for that other member!! ??