#3 multiple users overwrite single cookie

[Luke Kenneth Casson Leighton]

if multiple users log in with the same username,
because there is only one session cookie in the
database table per user, the last user that logs in
will be able to access the site and the other(s) will
lose access without warning.

exactly why one username would want to be used in this
way is a Bad Thing _anyway_.