Why do I have to log into SBM twice?  It often happens in the morning, and it is annoying.

The issue is caused by security enhancements to your web browser.  SBM Single Sign On browser session management is an advanced Identity Provider (IdP) similar to Okta and AzureAD.  When the user gets to the SBM login screen, they are expected to login at which time they will be returned to the SBM application just as would be the case if we were using third party SAML2 authentication.  For security purposes, the web browser times out the login page session after two minutes, a fact which is non-negotiable with the web browser. Since the user is already on the login page, they can enter their credentials, but the return to Work Center will result in a rejected authentication, and so Work Center returns the user to the login page.  The second login will work.

The fix is to ensure that the user gets sent to a logout page on logout instead of back to TMTRACK.DLL.  See KB S140993  for more information.