If you use the scheme described linked from the article, when the legitimate user logs in again, the attacker will lose access to the session permanently.
Oh, I see. A separate cookie makes it easier for you to check for compromised sessions. I suppose you could also do that with regular session cookies if you keep good track of identifier history, but it'd be a lot more hassle.