Browser retaining private key after logout when using encrypted forms