The financial sites I've used (maybe 2-3) have what I used to think was an annoyingly fast expiration of authentication cookies (only a minute or two). Now I can see that I'm glad they do that. Even so, this doesn't completely eliminate the problem by itself. They do all also have a "sign out" (similar to the ACS "Logout" link) button, which I assume wipes out the cookie completely.