Hi, I work for the CDC in Atlanta and we&#039re investigating some security issues with cookies. Not the usual ones, though.<BR><BR>First, we have a mandate not to track or to provide the means to track users. The unique identifier number in a cookie can be seen as a means of tracking users. Is it possible not to have these be unique? For instance, can cookies of the same value be given the same identifier?<BR><BR>Second, and perhaps more likely, is there any way to hide the domain or path in the cookie itself? I&#039ve tried blanking out the .domain and .path properties in the Response.Cookie object, but when I look at the cookie on the client, it has this information in there. Again, a strange gov&#039t requirement not to allow someone who might get to your computer to see where you&#039ve been (so, specifically the path would need to be blank).<BR><BR>Thanks for any help.