Index: wp-login.php
===================================================================
--- wp-login.php	(revision 14541)
+++ wp-login.php	(working copy)
@@ -520,6 +520,8 @@
 		$redirect_to = admin_url();
 	}
 
+	$reauth = empty($_REQUEST['reauth']) ? false : true;
+
 	// If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
 	// cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
 	// the admin via http or https.
@@ -530,7 +532,7 @@
 
 	$redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
 
-	if ( !is_wp_error($user) ) {
+	if ( !is_wp_error($user) && !$reauth ) {
 		if ( $interim_login ) {
 			$message = '<p class="message">' . __('You have logged in successfully.') . '</p>';
 			login_header( '', $message ); ?>
@@ -549,7 +551,7 @@
 
 	$errors = $user;
 	// Clear errors if loggedout is set.
-	if ( !empty($_GET['loggedout']) )
+	if ( !empty($_GET['loggedout']) || $reauth )
 		$errors = new WP_Error();
 
 	// If cookies are disabled we can't log in even with a valid user+pass
@@ -570,6 +572,10 @@
 	elseif	( $interim_login )
 		$errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
 
+	// Clear any stale cookies.
+	if ( $reauth )
+		wp_clear_auth_cookie();
+
 	login_header(__('Log In'), '', $errors);
 
 	if ( isset($_POST['log']) )
Index: wp-includes/general-template.php
===================================================================
--- wp-includes/general-template.php	(revision 14541)
+++ wp-includes/general-template.php	(working copy)
@@ -228,14 +228,18 @@
  * @uses apply_filters() calls 'login_url' hook on final login url
  *
  * @param string $redirect Path to redirect to on login.
+ * @param bool $force_reauth Whether to force reauthorization, even if a cookie is present. Default is false.
+ * @return string A log in url
  */
-function wp_login_url($redirect = '') {
+function wp_login_url($redirect = '', $force_reauth = false) {
 	$login_url = site_url('wp-login.php', 'login');
 
-	if ( !empty($redirect) ) {
+	if ( !empty($redirect) )
 		$login_url = add_query_arg('redirect_to', urlencode($redirect), $login_url);
-	}
 
+	if ( $force_reauth )
+		$login_url = add_query_arg('reauth', '1', $login_url);
+
 	return apply_filters('login_url', $login_url, $redirect);
 }
 
Index: wp-includes/pluggable.php
===================================================================
--- wp-includes/pluggable.php	(revision 14541)
+++ wp-includes/pluggable.php	(working copy)
@@ -799,7 +799,7 @@
 
 	$redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 
-	$login_url = wp_login_url($redirect);
+	$login_url = wp_login_url($redirect, true);
 
 	wp_redirect($login_url);
 	exit();