Application uses a token cookie consisting of random digits to remember user's login state also after closing the browser. Token is encrypted when stored into database. Also encrypted user id is stored as cookie. Cookies and the encrypted token in the database are removed when user logs out. A separate permission from user is required to use cookies. Application uses Secure Sockets Layer (SSL) to encrypt all relevant information before it leaves the local browser.