Personalizable applications let users set their UI preferences and store those settings. Desktop applications typically store the user preferences in a local file (an XML or a configuration file) or in the registry. Web applications, on the other hand, generally use cookies to store user-specific data. Cookies are essentially a text-based key-value collection sent and received via HTTP. There are a few disadvantages to using cookies—chiefly their size limit (8KB), the user's ability to refuse cookies, and the inherently insecure nature of plain text (though you can encrypt or encode the cookie's value). Keeping personalized data on the server is a better option, but has its own issues.
