MM5.4 Persistent login
By default, Media Manager will remember a user that has logged in and automatically re-authenticate her on the next visit of the application.
This presents a security impact in the unlikely event of a XSS attack on the application.
Should a client choose to disable persistent login, this can be done by navigating to the DAM Center, under System tools → Configuration and unchecking the option "Enable persistent login".
Disabling persistent login will result in the user having to authenticate every time they access the application and after every page refresh.