To store settings for the current user, use the built-in Profile support in ASP.NET.
EPiServer is using this for its own need to store information on a per user basis. (The built-in values EPiServer needs are accessible through the class EPiServerProfile that is a subclass of the ASP.NET class ProfileBase).
You can get access to the current users EPiServer’s Profile instance accessing the static property Current on the EPiServerProfile class. There is also a default indexer property inherited from ASP.NET’s ProfileBase class that you can use for you own values.
EPiServer.Personalization.EPiServerProfile.Current["MySetting"] = "Test123";
For performance reasons use only string, int, DateTime and avoid objects that must be serialized. There is also support for handling anonymous users (not logged in) if needed.
Read more: http://msdn2.microsoft.com/en-us/library/at64shx3.aspx
Update: Read more about changes to Profile information in SP1 for EPiServer CMS 5 R1.