MSM and the mysterious Logout issue

On the #EECMS zone of the Twitterz today, Matt Everson of Astuteo was having a problem with MSM and mysterious logout issues. His reasoning was that this cropped up with EE 2.3.x, but I have seen it as far back as 2.1.0. The solution is simple enough. Via the control panel visit Admin -> Security and Privacy -> Cookie Settings. You need to set the Cookie Domain as appropriate. For me I wildcard it out a bit, like this:

.mydomain.com

Repeat this once for each MSM site under the install. Problem solved? Good. Now, why is this the solution? When a cookie is issued to the client browser, it is tied to that Cookie Domain value. That is really the root of identity for each cookie. After the domain, you then have the Cookie Path and the Cookie Name.

The next bit of knowledge that helps build on the understanding here is that EE manages your login based on a Session ID number. That Session ID number is stored in a cookie named exp_sessionid. This is a simplified way to think of the cookie that results from a control panel login:

[cookie domain].[cookie path].[cookie name] = [cookie value]

If we log in to Site_1 of an MSM install, we might get something like this:

[.mydomain.com].[/].[exp_sessionid] = 123456789

It is important to note that EE will use the domain for the FIRST of the MSM sites if no configured value is set for Cookie Domain across all sites. That means if you then log in to Site_2, you get a new cookie with the new Session ID. That cookie would have the EXACT SAME identity tree, and would then overwrite the cookie set by Site_1. Now there is no longer a way for Site_1 and your browser to track the session you have on the server, and you are logged out.

Setting that unique Cookie Domain will allow you to have multiple cookies with differing domains but the same name (exp_sessionid). Since nothing gets overwritten once this is set up, you are able to keep your login working.
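The overwrite described above can be reproduced with a small model of a browser cookie jar. This is an added example, not code from the original post or from ExpressionEngine; the hostnames site1.mydomain.com and site2.mydomain.com and the session values are assumptions, and only domain matching is modelled (every cookie uses path "/").

```javascript
// Minimal model of a browser cookie jar (added example, not ExpressionEngine code).
// A cookie's identity is the (domain, path, name) triple; the value is not part of it.
class CookieJar {
  constructor() { this.store = new Map(); }

  // Normalise ".mydomain.com" to "mydomain.com"; the leading dot is ignored when matching.
  static norm(domain) { return domain.replace(/^\./, "").toLowerCase(); }

  // A host matches a cookie domain if it equals it or is a subdomain of it.
  static domainMatch(host, domain) {
    const h = host.toLowerCase(), d = CookieJar.norm(domain);
    return h === d || h.endsWith("." + d);
  }

  // Store a cookie set by `host`. Returns "rejected", "created" or "overwritten".
  set(host, { domain, path = "/", name, value }) {
    if (!CookieJar.domainMatch(host, domain)) return "rejected";
    const key = [CookieJar.norm(domain), path, name].join("|");
    const result = this.store.has(key) ? "overwritten" : "created";
    this.store.set(key, { domain: CookieJar.norm(domain), path, name, value });
    return result;
  }

  // Values of `name` that would be sent to `host` (path matching omitted: all paths are "/").
  sentTo(host, name) {
    return [...this.store.values()]
      .filter(c => c.name === name && CookieJar.domainMatch(host, c.domain))
      .map(c => c.value);
  }
}

// Log in to site 1, then site 2, with the given Cookie Domain per site (constructed values).
function loginBoth(domainSite1, domainSite2) {
  const jar = new CookieJar();
  const first = jar.set("site1.mydomain.com",
    { domain: domainSite1, name: "exp_sessionid", value: "session-for-site1" });
  const second = jar.set("site2.mydomain.com",
    { domain: domainSite2, name: "exp_sessionid", value: "session-for-site2" });
  return { first, second, count: jar.store.size,
    site1Gets: jar.sentTo("site1.mydomain.com", "exp_sessionid"),
    site2Gets: jar.sentTo("site2.mydomain.com", "exp_sessionid") };
}

const shared = loginBoth(".mydomain.com", ".mydomain.com");
const perSite = loginBoth("site1.mydomain.com", "site2.mydomain.com");
console.log(shared, perSite);
```

In the shared case the jar ends up with one exp_sessionid holding the second login's value, while the per-site case keeps two. A cookie scoped to .mydomain.com is also sent to every other host under mydomain.com, so use the narrowest Cookie Domain each site can work with.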

