If you are worried about security (as you rightly should be), you should ensure that you use HTTPS and set the secured flag which ensures that your cookie will be encrypted.
I would suggest that you read
this[
^] paper to get a better understanding of cookie security.
Beyond that, I would go with Griff's suggestion of using a combination of Session, Cookie and Database to store the information in a secured fashion. If you use the database, make sure that you are storing sensitive information using encryption.