diff --git a/mellon/middleware.py b/mellon/middleware.py
index 2d69b80..78ec782 100644
--- a/mellon/middleware.py
+++ b/mellon/middleware.py
@@ -31,7 +31,10 @@ class PassiveAuthenticationMiddleware(MiddlewareMixin):
             if (
                 app_settings.OPENED_SESSION_COOKIE_NAME
                 and PASSIVE_TRIED_COOKIE in request.COOKIES
-                and app_settings.OPENED_SESSION_COOKIE_NAME not in request.COOKIES
+                and (
+                    app_settings.OPENED_SESSION_COOKIE_NAME not in request.COOKIES
+                    or (hasattr(request, 'user') and request.user.is_authenticated)
+                )
             ):
                 response.delete_cookie(PASSIVE_TRIED_COOKIE)
                 return response
diff --git a/tests/test_sso_slo.py b/tests/test_sso_slo.py
index 3fd86f3..0968039 100644
--- a/tests/test_sso_slo.py
+++ b/tests/test_sso_slo.py
@@ -717,12 +717,14 @@ def test_passive_auth_middleware_ok(db, app, idp, caplog, settings):
     url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
     response = app.post(reverse('mellon_login'), params={'SAMLResponse': body, 'RelayState': relay_state})
     assert app.session['mellon_opened_session_cookie'] == '5678'
+    assert 'MELLON_PASSIVE_TRIED' not in app.cookies
     assert '_auth_user_id' in app.session
     # ok change the idp session id
     app.set_cookie('IDP_SESSION', '1234')
     # if we try a request, we are logged out and redirected to try a new passive login
     response = app.get('/', headers={'Accept': 'text/html'}, status=302)
     assert '_auth_user_id' not in app.session
+    assert 'MELLON_PASSIVE_TRIED' in app.cookies
 
 
 def test_passive_auth_middleware_no_passive_auth_parameter(db, app, idp, caplog, settings):
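Review bot: The new `or (hasattr(request, 'user') and request.user.is_authenticated)` branch needs a one-line comment, because the reason an already-authenticated user should lose the PASSIVE_TRIED marker is not visible from the condition itself; something like `# a successful passive login consumed the marker: clear it so a later logout can retry passive auth` above the `and (` line. Reading `request.user.is_authenticated` forces evaluation of the lazy user object on every response that carries the cookie, and it makes this branch depend on the authentication middleware having run earlier in the chain; the `hasattr` guard covers its absence but not its ordering, so that assumption is worth stating in the comment as well. `response.delete_cookie(PASSIVE_TRIED_COOKIE)` only removes the cookie when its path and domain match those used when it was set, and the setting side is not in the hunk, so that should be confirmed. The enclosing method of PassiveAuthenticationMiddleware starts and ends outside the hunk.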
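Review bot: The two new assertions in test_passive_auth_middleware_ok hard-code the cookie name as `'MELLON_PASSIVE_TRIED'`, while the middleware refers to it only through `PASSIVE_TRIED_COOKIE`; the first one, `assert 'MELLON_PASSIVE_TRIED' not in app.cookies`, would keep passing vacuously if the constant's value ever changed, since the literal would then simply never appear. Asserting on `PASSIVE_TRIED_COOKIE` imported from `mellon.middleware` ties both checks to the implementation, assuming the test module does not already import that name (its import block is outside the hunk). The enclosing test function starts outside the hunk.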