I've made a mistake with the extension directory name. I've uploaded a new tarball with the fix. If I have time, I will try to test and release a new version with seperate cookies per site access (already in SVN, kernel patches not modified yet) and patches for newer eZ publish versions.
I have some days off from work so I'm not going to fix these issues immediately, but maybe you can contribute to the extension (it's in the community svn repository) by adding this functionality.
Encryption of the cookies would be safer of course.
The session variable 'force_logout' isn't used anywehere else by the system (I've tried to find it in other files with grep). You can check on the existence of this session variable in cookieuser/login.php and if it exists, delete the login cookies and afterwards remove the session variable. I think this will work.
Check out the new version (1.3) of Cookie User (http://ez.no/community/contribs/hacks/cookie_user), which
- encrypts the password cookie - disables authentication cookie checking on logout