This holds true in IE, FireFox, and Chrome on dev box- including after manually deleting cookies in IE Internet Options
I sign in as a user, change password (works) and sign out. I can then log in as the user with both the old and new password – a garbage password does fail authentication.
Log IN –
Change Password –
Sign Out –
Log In with old password again, Authenticates –
Sign Out –
Log In with New password, Authenticates –
Sign Out –
Log In with junk password fails of course
Rinse and Repeat – same behavior
Is there a code piece missing for the Azure part? Disconcerting – grrr
web.config:

<authentication mode="Forms">
    <forms loginUrl="~/Account/LogOn" timeout="15"></forms>
</authentication>

SignOff code:

public ActionResult LogOff()
    {
        FormsAuthentication.SignOut();

        // Drop all the information held in the session
        Session.Clear();
        Session.Abandon();

        // clear authentication cookie
        HttpCookie cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, "");
        cookie1.Expires = DateTime.Now.AddYears(-1);
        Response.Cookies.Add(cookie1);

        // clear session cookie
        HttpCookie cookie2 = new HttpCookie("ASP.NET_SessionId", "");
        cookie2.Expires = DateTime.Now.AddYears(-1);
        Response.Cookies.Add(cookie2);
        foreach (var cookie in Request.Cookies.AllKeys)
        {
            Request.Cookies.Remove(cookie);
        }
        // Redirect the user to the login page
        return RedirectToAction("LogOn"); 
    }