here are a couple more thoughts regarding the 'settings stored in cookies' topic. to begin, a little context might be helpful. for best security, no settings would be stored in a cookie, but that brings the convenience factor way down. at the same time, having all settings stored in a cookie by default would not be attractive to the security centric folks.
the $64 question then becomes: how can we best compromise between security and convenience to please most folks most of the time?
one line of thought goes something like this: allow a user to select which individual settings they want to have stored in a cookie (i'm thinking a checkbox for each setting). if implemented, one could choose as many or as few options to save based on their personal preferences.
then to take it to the next level, how about letting a user store multiple custom sets of preferences (i'll refer to them as 'preference sets'). eg. one 'preference set' could save all preferences, another 'preference set' could specify l33t, hash and characters, and a third 'preference set' might save everything except three or four fields.
i have no idea how easy/difficult this (these?) would be to implement. if it's more towards the difficult end of the spectrum then we can file it in the 'The Supremely Difficult Features' category or just fuhgeddaboudit. if it's closer to the 'easy' end, then let's open it up for discussion. opinions?