.NET Membership: Best way to Implement "I know you but you're not logged in"

Sites like ebay and amazon.com Know who you are with a message like

Hello, Bob. Please log in.

.开发者_JAVA技巧.. but they also know you haven't authenticated yet for this session. What is the best way to implement this in an ASP.NET application using the Membership API/Framework? I can think of a few ways to go here, but my primary concern is to not compromise security in the name of convenience or apparent cleverness.

Special bonus question: is there a commonly used term that describes this session state (e.g., identified but not authenticated)

They do this with a cookie. No private information is needed other than the first name, or a unique identifier for a database lookup.

I think "identified but not authenticated" says it all...

I suspect the way most sites do it is with a cookie storing your "Name" and then they read and display this information on the page