Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.