== Recommended Secure Coding Practices

* It is recommended to use ``++HTTPs++`` everywhere so setting the ``++secure++`` flag to _true_ should be the default behaviour when creating cookies.
* Set the ``++secure++`` flag to _true_ for session-cookies.