Audience asks what happens if a sophisticated user shares their session cookies (not username/password) with someone else — is there any protection? Andrei answers: no.
answer_summary
No — the solution does not protect against sharing of raw session cookies.