Authentication should be fixed. It's cookie-based now and the cookies don't expire for a year.