Forum Moderators: coopster


Crump

8:51 pm on Oct 30, 2007 (gmt 0)

10+ Year Member



Hi, I have a website with users. Each user has a username and user id (let's say it is a 3-digit number, for simplicity).

When a user logs in, he/she can choose to save the login to a cookie. I have it set up so that the cookie contains the user id (not the username).

However, what is stopping someone from changing the contents of that cookie to a different user id (guessing) to try to login under a different user?

Just looking for general ideas about some good ways/ideas to prevent this.

Thanks!

d40sithui

8:57 pm on Oct 30, 2007 (gmt 0)

10+ Year Member



Changing to a different id is possible, but hard. If you open a raw cookie, you're not gonna see id = 123. Instead you'll see a lot of junk characters. This is almost enough to stop most hackers / hacker wannabes.
I guess one way to enhance security is to add more variables to the cookie in addition to the id itself.

Crump

9:06 pm on Oct 30, 2007 (gmt 0)

10+ Year Member



I opened the cookie and could see the user id in plain text, clear as day.

d40sithui

9:58 pm on Oct 30, 2007 (gmt 0)

10+ Year Member



Hey, you're right. #*$! lol. Shows what I know about cookies.
In that case, here's one way.
Assign a unique key/string to the cookie whenever the person actually successfully logs in. Also insert that key into the DB. Check for the key and the user id when anyone comes back to the page with the same id. In this way, the key kinda acts like a password that only the real user's computer would "know". Furthermore, encrypt it for even more security.
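The scheme described in the post above, written out as an added example (this is not code from the thread or from any poster). It uses a random token rather than the user id as the thing the cookie proves: the cookie carries a selector (lookup key) and a validator (secret), the server stores only a hash of the validator next to the user id, and the user id is never read from the cookie at all, so editing digits in it achieves nothing. The `$store` array is an assumed stand-in for a database table with columns selector, validator_hash, user_id and expires; `random_bytes` is used for the key because it is cryptographically random.

```php
<?php
// Added example (not code from the thread): a "remember me" cookie that does
// not trust the user id in the cookie. The cookie carries a random token; the
// user id is looked up server-side from the token. The $store array is an
// assumed stand-in for the database table (selector, validator_hash,
// user_id, expires).

declare(strict_types=1);

const REMEMBER_TTL = 30 * 24 * 3600; // 30 days

/**
 * Issue a new remember-me token for $userId after a successful password login.
 * Returns the raw cookie value. Only a hash of the validator is stored, so a
 * leaked table does not hand out working cookies.
 */
function issueRememberToken(int $userId, array &$store): string
{
    $selector  = bin2hex(random_bytes(9));   // lookup key, safe to index on
    $validator = bin2hex(random_bytes(32));  // secret half, never stored raw

    $store[$selector] = [
        'user_id'        => $userId,
        'validator_hash' => hash('sha256', $validator),
        'expires'        => time() + REMEMBER_TTL,
    ];
    return $selector . ':' . $validator;
}

/**
 * Validate a cookie value. Returns the user id on success, null otherwise.
 * The validator is compared in constant time via hash_equals().
 */
function checkRememberToken(?string $cookie, array &$store): ?int
{
    if ($cookie === null || substr_count($cookie, ':') !== 1) {
        return null;
    }
    [$selector, $validator] = explode(':', $cookie, 2);
    if (!isset($store[$selector])) {
        return null;
    }
    $row = $store[$selector];
    if ($row['expires'] < time()) {
        unset($store[$selector]);   // expired: purge and reject
        return null;
    }
    if (!hash_equals($row['validator_hash'], hash('sha256', $validator))) {
        // Valid selector but wrong validator: tampering or a stolen-then-
        // guessed cookie. Revoke it so the real owner must log in again.
        unset($store[$selector]);
        return null;
    }
    return $row['user_id'];
}

/** Log out: delete the server-side record so a copied cookie is dead too. */
function revokeRememberToken(string $cookie, array &$store): void
{
    $selector = explode(':', $cookie, 2)[0];
    unset($store[$selector]);
}

/** Tiny check helper for the demo below. */
function expect(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("unexpected result: $what");
    }
    echo "ok: $what\n";
}

// Demo with a constructed in-memory store.
$store  = [];
$cookie = issueRememberToken(123, $store);
expect(checkRememberToken($cookie, $store) === 123, 'genuine cookie maps to user 123');

// An attacker keeps the selector but alters the secret half: rejected, and
// the genuine token is revoked as a side effect.
$forged = explode(':', $cookie)[0] . ':' . str_repeat('0', 64);
expect(checkRememberToken($forged, $store) === null, 'altered validator rejected');
expect(checkRememberToken($cookie, $store) === null, 'original token revoked after failed attempt');
```

In a real application the value returned by `issueRememberToken()` is set with `setcookie()` using the `httponly` and `secure` options so that script on the page cannot read it and it is never sent over plain HTTP; the "encrypt it" part of the post is then unnecessary, since the token itself carries no information worth hiding.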

henry0

9:59 pm on Oct 30, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You could md5() some data

<edit>
D40 shoots faster :)
</edit>
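Whether hashing "some data" with `md5()` stops tampering depends entirely on whether the attacker can compute the same digest. The following added example (not from the thread) contrasts an unkeyed digest of the user id, which anyone can recompute, with a keyed HMAC over the id and an expiry using a server-side secret, which cannot be forged without that secret. `SECRET_KEY` is an assumed configuration value; `hash_hmac` with SHA-256 is used here instead of a bare `md5()`.

```php
<?php
// Added example (not from the thread): an unkeyed md5() of the user id can be
// forged by anyone; a keyed HMAC with a server secret cannot.
// SECRET_KEY is an assumed server-side secret loaded from configuration.

declare(strict_types=1);

const SECRET_KEY = 'replace-with-the-output-of-random_bytes(32)';

/** Unkeyed digest: the attacker simply recomputes md5('124') for user 124. */
function weakCookie(int $userId): string
{
    return $userId . ':' . md5((string) $userId);
}

function weakCheck(string $cookie): ?int
{
    [$id, $digest] = explode(':', $cookie, 2) + [null, null];
    if ($id === null || !ctype_digit($id)) {
        return null;
    }
    return hash_equals(md5($id), (string) $digest) ? (int) $id : null;
}

/** Keyed: "id|expiry|HMAC-SHA256(id|expiry)" under the server secret. */
function signedCookie(int $userId, int $ttlSeconds = 30 * 86400): string
{
    $payload = $userId . '|' . (time() + $ttlSeconds);
    return $payload . '|' . hash_hmac('sha256', $payload, SECRET_KEY);
}

function signedCheck(string $cookie): ?int
{
    $parts = explode('|', $cookie);
    if (count($parts) !== 3) {
        return null;
    }
    [$id, $expires, $mac] = $parts;
    if (!ctype_digit($id) || !ctype_digit($expires)) {
        return null;
    }
    $expected = hash_hmac('sha256', $id . '|' . $expires, SECRET_KEY);
    if (!hash_equals($expected, $mac)) {
        return null;    // id or expiry changed, or MAC made without the key
    }
    if ((int) $expires < time()) {
        return null;    // genuine but expired
    }
    return (int) $id;
}

/** Tiny check helper for the demo below. */
function expect(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("unexpected result: $what");
    }
    echo "ok: $what\n";
}

// Demo with constructed values: the attacker holds a cookie for user 123
// and wants to become user 124.
$forgedWeak = '124:' . md5('124');
expect(weakCheck($forgedWeak) === 124, 'unkeyed md5 cookie forged for user 124');

$real = signedCookie(123);
expect(signedCheck($real) === 123, 'genuine signed cookie accepted');

// Change the id but keep the old MAC.
$tampered = preg_replace('/^123\|/', '124|', $real);
expect(signedCheck($tampered) === null, 'edited id with stale MAC rejected');

// Compute a "MAC" without knowing the key.
$guess = '124|' . (time() + 86400) . '|' . hash('sha256', '124|' . (time() + 86400));
expect(signedCheck($guess) === null, 'MAC made without the secret rejected');
```

The signed form needs no database lookup on each request, but it cannot be revoked individually before it expires (a stolen cookie stays valid until then) unless the secret is rotated for everyone, which is the trade-off against the database-backed token approach.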

Crump

11:45 pm on Oct 30, 2007 (gmt 0)

10+ Year Member



I figured that is how most places did it. Anyone else have another method besides using a long key or something MD5 encrypted?

PHP_Chimp

11:38 am on Oct 31, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Am I assuming that you are using some form of database to maintain the records of your users and their id is sequential?

As then you do have the issue with people knowing other users' ids. If this is the case then please don't tell me that the admin login is id 1...

If you use the uniqid [uk2.php.net] function then it is unlikely that people will be able to guess another user id. So storing an id is not such a large problem.

FourDegreez

4:10 pm on Nov 4, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Definitely be careful about storing sensitive info in cookies; it can be manipulated. It's also sent unencrypted over the internet. Always use some sort of unguessable key, and link that to records in your database.