Cookies help websites remember who you are and what you’re doing, like staying logged in, keeping items in your cart, or showing you relevant content. But not all types of internet cookies are equal and work the same way.
Some are necessary. Others are optional and used for tracking, analytics, or advertising.
This guide breaks down various types of website cookies, what they do, and why they matter.
Quick Facts About Web Cookie Types
- Cookies are categorized by duration, ownership, and function. Each has its own purpose.
- Session cookies are temporary; persistent cookies remain on your device for future visits.
- First-party cookies come from the site you visit; third-party cookies track you across different sites.
- Functional, analytics, and targeting cookies require user consent, unlike strictly necessary ones.
- Niche cookies like Zombie or Supercookies are harder to detect and delete, posing potential privacy risks.
Website Cookies Explained
Cookies come in different flavors, and you should learn what you might encounter to manage them properly.
Each example of cookies in your computer does something different. Some help websites work properly, while others are used for showing ads or tracking.
Here’s a simple comparison table:
| Cookie Type | What It Does | Duration | Who Sets It | Do You Need to Approve It? |
| Session Cookie | Helps the site run smoothly during your visit (like keeping you logged in) | Just while you’re on the site | The site you’re visiting | No |
| Persistent Cookie | Remembers things like login info or settings for next time | Stays for days or months | The site you’re visiting | Sometimes |
| Third-Party Cookie | Tracks you across websites to serve ads | Varies | Someone else (like an ad company) | Yes |
| Analytics Cookie | Collects data on how people use the site | Varies | The site or a third party | Yes |
| Functional Cookie | Saves your preferences, like language or layout | Varies | The site or a third party | Yes |
| Targeting Cookie | Used to show you targeted ads based on what you’ve done online | Varies | Third parties | Yes |
Web Cookies by Duration
Cookies can either be short-lived or stick around for a while. The difference mostly comes down to how long they stay on your device and what they’re meant to do.
Session Cookies
Session cookies are temporary and only work while you’re actively using a website. Once you close the tab or browser, they’re gone. They’re mainly used to keep things running smoothly during your visit.
| 💡 Example: If you’re shopping online, session cookies remember what’s in your cart as you click around the site. |
Persistent Cookies
Persistent cookies don’t go away when you close your browser. They’re saved on your device and can last for days, weeks, or even months. They’re used to remember things between visits, so you don’t have to start from scratch.
| 💡 Example: Persistent cookies can keep you logged into a site or remember your preferred language next time you visit. |
Cookies by Ownership
Cookies can also be grouped by who sets them, like the site you’re visiting or someone else.
First-Party Cookies
These are created by the website you’re on. They’re usually used to keep you logged in, remember your preferences, or help the site work the way you expect.
| 💡 Example: A site remembers your username or language setting. |
Third-Party Cookies
Third-party cookies come from other domains, like ad networks or analytics services, not the site you’re actually visiting. They’re mostly used to track what you do across different websites.
| 💡 Example: Seeing ads for a product you looked at on a different site. |
Cookies by Function
Not all browser cookie types do the same thing. Some help a website work, others track what you’re doing, and a few try to personalise what you see.
Strictly Necessary Cookies
Strictly necessary cookies are the must-haves. Without them, the site wouldn’t work right. You wouldn’t stay logged in, pages might not load properly, and basic features could break.
| 💡 Note: Consent isn’t required for these cookies. |
Performance (Analytics) Cookies
These web cookies track how people use the site, like how long they stay on a page or where they click, so the site owner can improve performance.
| 💡 Note: Consent is required for these cookies. |
Functional Cookies
Functional cookies remember stuff like your language setting or if you prefer dark mode. They’re not absolutely required, but they make the site feel more personal.
| 💡 Note: Consent is usually required for these cookies. |
Targeting or Advertising Cookies
Targeting cookies follow you around the web to show you ads based on what you’ve looked at. They’re mostly from third parties.
| 💡 Note: Consent is required for these cookies, and most browsers block them by default. |
Emerging and Niche Cookies
Some cookies have extra features or behave in unusual ways. You might eventually come across a few of the more specialised types:
Secure Cookies
Secure cookies are only sent over secure connections (HTTPS), which helps keep sensitive data from being exposed. You’ll usually see these used on sites like online banking or checkout pages.
HttpOnly Cookies
HttpOnly can’t be accessed by JavaScript, which adds a layer of protection against cross-site scripting (XSS) attacks. Only the server can read them, which helps keep things like login tokens safer.
SameSite Cookies
SameSite type restricts when cookies are sent with cross-site requests. They’re used to prevent certain types of attacks, like cross-site request forgery (CSRF), by limiting how cookies are shared between websites.
Zombie Cookies (Evercookies)
Zombie cookies are hard to get rid of. Even if you delete them, they can regenerate using backups stored in other parts of your browser. Some sites use them to make sure tracking data isn’t lost.
Supercookies
Supercookies, unlike their regular counterparts, are stored outside the browser’s normal cookie storage. Therefore, they are difficult to find or delete.
Internet service providers (ISPs) and other entities have been using them to track users in ways that are hard to block.
Conclusion
Understanding different types of web cookies helps you gain more control over your privacy online.
Some website cookies, like session or first-party cookies, are useful and simply necessary for websites to work properly.
Others, such as third-party or targeting cookies, are mainly used to track your activity and display targeted ads.
By understanding the purpose behind each type, you can make more informed decisions about which cookies you want to allow, block, or delete.
FAQs
What are web cookies?
Web cookies are small text files stored on your device by websites to remember information like your login status, preferences, or activity.
What kind of cookies do websites store on your browser?
Websites may store session, persistent, first-party, third-party, and specialized types like analytics or advertising cookies.
Why do websites use different types of cookies?
Different cookies serve different purposes. Some are needed for the site to function, others track usage or show personalized ads.
Which cookies are safe to accept online?
Strictly necessary and first-party cookies are generally safe, as they’re used for basic site functions and don’t track you across other websites.
What are the risks of accepting tracking cookies?
Tracking cookies can collect data about your browsing habits across multiple sites, which may be used for profiling or targeted ads without your full awareness.
What is an example of a web cookie?
A cookie that keeps you logged into a website between visits is a common example.
What are first-party and third-party cookies?
When the site you’re visiting sets cookies, we’re talking about first-party cookies. Third-party cookies come from outside services like ad networks and track you across sites.