Session ID

What are Session IDs?

A session ID -- also known as a session identifier, or session token is a unique number that a website server assigns to a user for the duration of his or her site visit. It's like a musician being given a number for the length of an audition or recording session. The number helps the producer identify and connect with the right player during the session.

Session IDs are most commonly used for online shopping, online banking, booking online travel and single-site activities. Session IDs are time sensitive and last only as long as a user is actively engaged on a site.

Here's an example using online shopping as the metaphor. As a customer moves through a website selecting items and placing them in a virtual shopping cart, the site's tracking technology uses a session ID to keep track of the customer's activity. If the customer walks away from their computer for an extended period of time, the session will timeout and the customer's identification and any other personal information will be deleted to protect the privacy of the customer. Closing a browser, then visiting the same site again will generate a new session ID.

A session ID can be stored as a cookie, a form field, or a URL (Uniform Resource Locator). Some servers generate session IDs by simply assigning random numbers. However, most servers use algorithms that track the date and time of visit along with other variables defined by the server administrator.