We noticed that on our pega platfrom application uses session id only to authenticate the user. For instance, I had logged into our application then I changed my public ip address. When I have refreshed the page, application did not ask me to login again. It is a vulnerability for us. Which action should I take to fix this. Can any of the options in the following link help ?