Employee logs into Webmail, say at a hotel kiosk
Employee selects "private computer" as an option
Employee finishes work and leaves hotel
Employee remembers they left kiosk without logging out
Employee knows that typing "https://web
" may or will autocomplete with full TMO Webmail address
Employee suspects (which is true) persistent cookie will show then as logged in.
Employee sets up their laptop, logs into VPN, changes Outlook password.
HOWEVER, Webmail will still show them as logged in, password change on network does not affect current login, at least not in a short period of time.