Storing A Hashed Password In Cookie

[Aljade]

I am making a user login system and I thought a way to make a session/cookie more secure I could store the users password encoded with sha1 and verify it.

So for example when the user logged in I would make 2 sessions like so:
[code]$_SESSION['user_id'] = $user_id;
$_SESSION['secure_hash'] = $user_sha1_password;[/code]

Also if the user selected to automatically login I created 2 cookies:
[code]setcookie("autologin_userid", $user_id, time() + 31536000, "/Example", "example.com", 0);
setcookie("autologin_secure", $user_sha1_password, time() + 31536000, "/Example", "example.com", 0);[/code]

Then I would check the stored hashed password from cookies/sessions with the one that was stored in the database.

Now is this actually making my system more secure than if I just stored the user's id in the session/cookie or is it making it less secure?

Thank you!

[.josh]

i personally do something like this: take the user name and password and join them together in my own super secret alogorythm way. then encrypt that with md5 or sha1 and store that string as a cookie.

[mac.php]

Yeah that makes your system more secure in my humble opinion.

[Crusader]

I wouldn't suggest storing any passwords in a cookie. Why not just setup a session hash id that updated every page load?