@NogDogNov 15.2021 — #Sessions are safer (even though they use cookies). Cookies by themselves can be easily faked. A session cookie is only useful if they guess an active session ID that matches an unexpired set of session data on the PHP server.
Use the $_SESSION[''] and add a checkbox "Remember This" for their browsers to remember the user login credentials. That way, they can auto login. Just make sure to add an alert that they should not check the checkbox if they're on a public computer. As in a library or internet cafe.
I'm gonna do this.
Now, go and read tutorials on how to write the "Remember This" feature with php. I have forgotten how to code it. Last I did about half a dacade ago. I too need to read up on it. Revision.
@helengreyNov 23.2021 — #Session is a way to temporarily store the user information on the server-side, whereas cookies store the information on the user's computer until it expires. I think Sessions are more secure than cookies as it is stored in server. Cookie can be turned off from browser.