Normal cookies, as used by WordPress to keep you logged in for a certain period, are the way to check whether a user is logged in. Even if you close your computer they will be there when you switch it on again.
Session tokens are something different. They are meant to transfer information between several page requests. The typical example is the content of a shopping cart that should be displayed while you browse through the pages of an online shop. You could pass that information using query arguments (like www.example.com\?cart="book:Moby_Dick_1799847h4"), but that would involve sending a lot of information every time. In stead, the token is passed and the server knows what cart content to display.
Unless the session token is stored as a cookie on your pc and the server stores the cart content related to that cookie, the sessions disappears as soon as you close your browser. So, session tokens are less permanent than cookies.
You could use session tokens to check if people are still logged in. That would force people to log in every time they open the site. In that case you would also have to disable the normal login procedure.
There might be circumstances where using session tokens to identify users could go wrong. For instance, if you have a large site, distributed over several servers, you may have a valid session with one server, but the load balancer might decide to send you to another, making you lose your session and hence forcing you to login again. The cookies approach would not suffer from this, as all servers will consult the same database to determine whether you are logged in legitimately.
Summing up: unless you’re really skilled with security procedures, stick with the one WordPress provides you with.