Yes but most sessions - specifically, PHP sessions - maintain the connection to the user's computer via the PHPSESSID cookie anyway, unless your server and scripts are configured to default to query strings if a cookie can't be set. For many sites, no cookies - no PHP session control.
I don't see a problem with complete disclosure, mentioning that session data is automatically deleted after 25 minutes of activity (I think that's the default, for PHP.)
I'd agree , except by now most "average" people hear read "cookies" ..and get scared or suspicious ..or both ..they tend ( because of abuse by some sites and search engines, and some very bad explanations and scare reporting by so called tech reporters in MSM ) to equate cookies with virus IME.
I know its a fudge ..but by now people ( including lawmakers ) tend to think "cookies" can steal souls.
Our cookies remember the users language preference.
Huh? The site may be remembering the user agent by IP?
Try clearing all cookies for yourdmainname.com in your browser. Disable cookies, then create a new account. A "workaround" I use for this is to enter the site in a browser I've never used on the site before - "clean entry." :-) This will tell you how well it works without cookies. Same for JS.