Thank you for the suggestion. It's not a browser specific issue ... I'm finding the problem in all browsers and all systems I'm logging in from.
And omg yay looks like I found the problem ... caching. Somebody else originally developed the site, and set caching on the root page's GENERAL TAB to 8 hours ... looks like caching was turned off on that "authorization required" page on the live site, but not on the test site.
While that caching was turned on, closing a private browser window or deleting browser cookies did not prevent the display of the "authorization required" content ... the login cookies were gone, but because of caching, that "authorization required" content still displayed without requiring a login.
Using the LOGOUT button in kentico SOMETIMES resulted in the "authorization required" content still being viewable. I did go back and check that "authorization required" content right away ... I'm guessing maybe LOGGING OUT in kentico took a while to affect the ability to view that "authorization required" content, whereas closing the private browser window or deleting the browser cookies had no effect at all, kentico just merrily kept serving that "authorization required" content.
(Okay now I'm dying to know why somebody set the root node's caching to 8 hours!!!! ... haha okay and why didn't I think of checking the caching values earlier?!)