Great question. A cookie is just data. It depends on how the cookie is being used. If it's being used as a key into a database, or as an identifer, then, yes, it needs to be unique. But in other cases, it might not.
Cookies aren't secure, but you have to ask whether they can be effectively tampered with. Consecutive UIDs would be bad. Random strings would be good.
Usually, your browser will ask you whether you want to delete the cookies as well.
Another great question. Incognito mode clears stuff, including cookies, when the tab is closed. But until the tab is closed, the cookies work fine.
It makes it easier to debug if you can look at what the browser is seeing and sending.
Yes, though sometimes not for years and years, so effectively not.
I assume there are differences, though the W3C sets minimum standards.
Yes, though possibly not directly. Cookies are a building block of sessions, which you are required to use.
You might only use sessions, but cookies are useful in their own right, and also worth knowing as a step towards sessions.
It depends on the browser. Almost certainly in a small SQL database stored on your laptop, probably in your home directory somewhere.
flash() uses cookies, so I wanted to avoid confusion.
I could have, but I wanted to keep the example as simple as I could.
Yes please!