It's fairly easy, you'll simply need to disable the acceptance of cookies that were set up originally to make things easier for users. This is easy enough, you simply disable their acceptance on your server, or alternatively, set up a "blank" cookie, that errors out any existing cookies, and causes the browser to pop up another password box. Naturally, if you zap the cookie code in your website pages, the cookies are nothing but wasted space on the users drives.
With FireFox/Mozilla/Opera, and real browser (everything but old crusty IE), you may have to fight forms as well. This is easy enough, you simply use a randomizer in the address (php is beautiful for this), in other words, instead of
http://my.com/, you would use
http://my.com/?randomnumbersandlette...esitewasraised
Basically, there are a lot of ways to do this, most of which is pretty basic programming knowledge/website scripting, but it's not something your average MS admin/network guy is going to be able to properly address, because most of those folks barely do the minimum to keep their jobs. Using IE, after most companies, security organizations, governments, etc., have migrated to more secure browsers, just shows how far your firm still has to go simply to catch up to minimally acceptable security standards, so worrying about cookies and logins from internal users is kind of missing the point.
Sorry, but cookies don't mean much when viruses, spyware, adware, keyloggers, and a multitude of other problems are the more relevant threat.
