Cookies

On login, our site uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the admin console area, /wp-admin/

After login, our site sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use.

Our site also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.

 

The actual cookies contain hashed data, so you don’t have to worry about someone gleaning your username and password by reading the cookie data. A hash is the result of a specific mathematical formula applied to some input data (in this case your user name and password, respectively). It’s quite hard to reverse a hash (bordering on practical infeasibility with today’s computers). This means it is very difficult to take a hash and “unhash” it to find the original input data.