Is storing an object containing the user's data in Zend_Auth's default storage secure? Why or why not?
Zend_Auth's default storage uses PHP Session. It's 'security rating' depends on server overall security.
In double words - it is secure enough.
secure enough