You might want to expire the Admin cookie. I installed 2 days ago, not gone live with it yet, and I don't have to log back into admin after closing the browser or a reboot. I had to dump my cookies to get it re-validate me.
This isn't a problem for me but might be for other users. I just noticed it and when I get home after work I'll modify the cookie code and if you haven't got to it before me I'll post the fix. For extra protection it might be wise to protect admin with .htaccess.
Thank you,
Bob

Easy fix for this.
In /admin/globals.php

go to where the cookies are set and change:

setcookie("bbuserid",$userinfo[userid],mktime(0,0,0,0,0,2020),"/");

to:

setcookie("bbuserid",$userinfo[userid],"/");

This will expire the admin cookie when you close the browser.

Thank you,
Bob