[BradleyT]

Cookies are harmless text files. If you go to any site that has a login/password page with a "Remember me" or "Log me in on each visit" the website uses cookies to store your information. It probably also stores information such as the date and time of your last visit so that the forum can show you which threads have been updated since your last visit.

Sensitive data should never be stored in cookies but it's really up to the website creator to impliment that. For example on the e-commerce sites I write that interact with Authorize.net for credit card payments I don't store credit card information in a cookie, in the database, or in computer (webserver) memory. I create a user object that contains all the user details, send that to Authorize.Net, get a response (valid charge/invalid charge) and then delete the user information from memory. For most websites there's absolutely no reason they should be storing your credit card on file unless they have tight security measures in place and it's a place where you'll frequently make transactions.