.Nop.Authentication cookie security issue

1 year ago
Hello, I need assistance with a security issue related to the ".Nop.Authentication" cookie. If a malicious user is able to capture the ".Nop.Authentication" cookie and inject it directly into their browser, they will have access to the application with the same level of access as the user whose cookie they stole. I need an effective way to invalidate the ".Nop.Authentication" cookie upon the user's logout.
I have already tried changing the expiration date upon logout as well as deleting the cookie, but neither option has worked.
11 months ago
One possible approach is to manage cookies which are signed out by the user in some datastore.

Then, if the unauthorized user tries to use the same cookie, it can be validated at the server side.

Is there any other way to prevent usage of hijacked cookies?
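The server-side check described in the reply above, written out as an added ASP.NET Core example (it is not code from this thread or from nopCommerce): each sign-in carries a random session id claim, logout records that id in a revocation store, and the cookie handler's ValidatePrincipal event rejects any later request whose cookie still carries a revoked id. The claim name `sid`, the `ISessionRevocationStore` interface and the in-memory store are assumptions for illustration; a real deployment would back the store with the database or a distributed cache and keep entries at least as long as the cookie lifetime.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;

// Hypothetical revocation store. The in-memory version below is only for
// illustration: on a multi-node site it must be shared (database, distributed
// cache) and entries must outlive the cookie's own expiry.
public interface ISessionRevocationStore
{
    Task RevokeAsync(string sessionId);
    Task<bool> IsRevokedAsync(string sessionId);
}

public sealed class InMemorySessionRevocationStore : ISessionRevocationStore
{
    private readonly ConcurrentDictionary<string, byte> _revoked = new();
    public Task RevokeAsync(string sessionId) { _revoked[sessionId] = 0; return Task.CompletedTask; }
    public Task<bool> IsRevokedAsync(string sessionId) => Task.FromResult(_revoked.ContainsKey(sessionId));
}

// Register with: services.AddScoped<RevocationCheckingCookieEvents>();
//   .AddCookie(o => o.EventsType = typeof(RevocationCheckingCookieEvents));
// At sign-in, add: new Claim(RevocationCheckingCookieEvents.SessionIdClaim, Guid.NewGuid().ToString("N"))
public sealed class RevocationCheckingCookieEvents : CookieAuthenticationEvents
{
    public const string SessionIdClaim = "sid"; // hypothetical claim name
    private readonly ISessionRevocationStore _store;
    public RevocationCheckingCookieEvents(ISessionRevocationStore store) => _store = store;

    // Runs on every request that presents the auth cookie. A cookie without a
    // session id, or with a revoked one, is refused even though its signature
    // and expiry are still valid, which is what defeats a replayed cookie.
    public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
    {
        var sid = context.Principal?.FindFirst(SessionIdClaim)?.Value;
        if (sid is null || await _store.IsRevokedAsync(sid))
        {
            context.RejectPrincipal(); // request continues as anonymous
            await context.HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
        }
    }

    // Call from the logout action before SignOutAsync so the id is revoked
    // even if the client keeps a copy of the cookie.
    public static async Task RevokeCurrentAsync(ClaimsPrincipal user, ISessionRevocationStore store)
    {
        var sid = user.FindFirst(SessionIdClaim)?.Value;
        if (sid is not null) await store.RevokeAsync(sid);
    }
}
```

Because the check runs on every authenticated request, the store lookup should be cheap (cache-backed) and should be audited in logs: a rejected principal after logout is exactly the replay the original post is worried about.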
2 months ago
With SSL running, the only way for an attacker to obtain user cookies is a direct attack on the user’s computer. I don’t think that this problem should be solved by an online store. But in 4.70 we added a setting that will require re-login after changing the password. I think that this will be enough to help the user cope with the consequences of a cookie leak.