When the method SignOut() was called, I would redirect the webpage to the login page, thinking that the SignOut() method would have deleted the cookie (as it should)

However, when I clicked back to see if the SignOut() method is working properly, I was told that the page has expired. But I am surprised to see that I could still access the private data if I pressed the Refresh button.

Anyone has any idea how to get around this problem? Thanks in advance for who that reply. :)

This might be a problem with page caching. If the browser or any upstream software/hardware is caching the page, then the browser request won't hit the server which would know the page can't be accessed and refuse access to it.

You might have to play around with cache settings to solve this.

-Peter

Thank you for your reply! : ) It does make a lot of sense, why didn't I think of it.

So I have tried means to clear the cache but to no avail. Does anyone know of a "cheap" and convenient way to do so?

I don't think there is nothing to do with caching.
I think it have to be related to session, many people think that Session and Authentication are the same and they don't. You can SignOut user but Session variables are still there.
Try Session.Abandon() then your FormsAuthentication.SignOut()