Fact Checked

What Is a Magic Cookie?

Eugene P.
Eugene P.

A magic cookie, more commonly known just as a cookie, is a piece of information sent from a server to a client. It is different from other forms of data that are sent, because the contents of the magic cookie are unreadable by the client. The purpose of a magic cookie is to provide a mechanism by which a server can track, authenticate or otherwise record information about a client on the client’s system without compromising its own security.

Originally, a magic cookie was used to verify the identity of users who were logging into specific computer systems. Eventually, they developed into a method for web servers to save information about visitors to a site. A hypertext transfer protocol (HTTP) cookie is widely used by many types of websites.

A third-party cookie comes from a website outside the one being visited.
A third-party cookie comes from a website outside the one being visited.

The use of a magic cookie makes many functions possible. Information about a browsing session on a website, such as items added to a shopping basket or links that were marked as favorites, can all be stored in a magic cookie. Additionally, the cookie is unreadable to the client system and allows the server to keep any proprietary information or methods secure.

A magic cookie remains secure because the information it contains is encrypted in one way or another. Anyone is able to open the file in which a cookie is stored, but the information will appear as long strings of seemingly random characters. The information is either encrypted or otherwise obfuscated, so it is meaningless without a special magic number that only the server knows and never transmits.

There are two classifications of magic cookies. A first-party cookie is one that comes directly from the website being visited. These are the cookies that are often used to track a session or to record a username and password. The other type is called a third-party cookie.

A third-party cookie comes from a website outside the one being visited. There are many legitimate uses for a third-party cookie, but they also can be used to track the web-viewing habits of a user without the user's knowledge. The controversy over privacy when dealing with third-party cookies has led to the addition of an option in most web browsers to block them from being accepted.

A cookie is just a piece of information sitting on the hard drive of a computer or other device. It is incapable of being executed or otherwise causing malicious harm directly to a computer. Except in extremely rare cases of malicious hacking, only the server that issued the cookie is capable of opening and reading the information it contains.

You might also Like

Discussion Comments


@KoiwiGal - You might not realize what cookies are doing while they are on your computer though. They are used to track you and while that might not be malicious, there are still plenty of people who would rather not have their every movement online reported to various companies.

Particularly companies like Facebook who are on multiple websites (just in case you decide you want to like an article) and who can track you long distance if they put the right kind of cookies on your browser.


@MrsPramm - Well, they can actually make life easier as long as you know which ones to trust and which ones to worry about. I have never really had a problem with them, although I try to clear them regularly from my cache. That's mostly because they tend to slow down my computer.

But it also kind of slows it down to have them removed, because then my regular sites need to add them again.


I had no idea that cookies used to be known as magic cookies. That kind of makes them sound like they are much nicer than they actually are. I'm always having to switch my settings on and off in order to work around websites that don't let you in unless you enable cookies. As far as I'm concerned they are just a massive pain in the neck.

Post your comments
Forgot password?
    • A third-party cookie comes from a website outside the one being visited.
      By: Sandor Kacso
      A third-party cookie comes from a website outside the one being visited.