I&#039;m tossing up which method to use for user authentication on my ASP/MS Access website - either using session cookies or passing the userid/password from page to page as hidden form variables. Performance is a big issue - the users are logging on to rate dozens to hundreds of entries, the results stored to a database.<BR><BR>The downside of session cookies is they can be slow and a drain on the server. The downside of hidden form variables is I&#039;d have to access the database to authenticate the user for each page they log onto. Which is the better option, server performance wise?