I will not concern security here, since Infotekka has already entered it quite a bit. It looks like you are asking whether to use SESSION or COOKIE, as if they were an alternative to each other.
This is not true. They are a server (it was a typo ... but I leave it because it is a good pun) for different purposes.
Because HTTP is static, PHP (and others) offer the ability to simulate a state machine in your application using a session. If you have not done so, you will need to use POST / GET between each page to reconcile the data, and if the user switches to another page on their own, the data will be lost! Thus, without a SESSION you cannot register a user on your site .. at least not very consistently.
To summarize, SESSION is used to store data between multiple pages of your site without using HTTP for a long period of time. This is what it is used for.
I suppose you could use COOKIE for this, but it is much more complicated as a cookie, especially when dealing with objects serialized for a session. Cookies that are installed also cannot be accessed until the next page loads and must be set before any exit using a script (like any other header).
Sessions should be just that: the session that the user has when they sit on their computer, but how long to work on this site. When the vacation ends, the session ends.
Cookies should be used to store simple data for a long period of time. If they go to the site a lot, they may want their username to be remembered for them, so it can be stored as a cookie. Just be aware of the security issues noted by Infotekka.
EDIT: Finally, I have to add that the COOKIE is passed on every page request between the user and the browser. More cookies means longer page load time.