A method, system, and program are provided for killing login-based
sessions with a single action. In addition to issuing a session token to
a client system upon login by a user to a network service, a personal
token is issued to the client system. The personal token is executable at
the client system to trigger accesses to a personal session controller
and to automatically disallow the session token if the personal session
controller indicates that the personal token is deactivated. The personal
session controller enables an interface through which a user is enabled
select to deactivate all active personal tokens with a single action,
such that a user manages killing login-based sessions independent of the
server system authorizing each login-based session and independent of the
client system to which the login-based session was authorized.