With HTML5's localStorage API available to use, would it be considered good practice to use this as a method of authenticating logins for users who've saved their passwords? I don't think that localStorage is exploitable as cookies are. I'm just wondering if anyone is using them currently, or plans on using them to replace cookies.