Be especially careful if you are using a public access computer -- in case you forget to log out someone else may well be able to use your account, in fact to "hijack" it after changing the password. With DB that's the case, if you do not log out each and every time, but you just close the browser, someone else can easily access your account. Alternatively, you may want to clear the cookies each and every time, so that even if you forget to log out there will not be possible for someone else to use your account.