I think that you are overthinking the problem. The ability to copy a cookie is just an inherent problem of cookies - anyone can intercept any cookie and impersonate whatever data is in there by setting it up on another machine.
The "security" of the authentication cookie comes from the fact that no one can (supposedly) craft the cookie by hand to fake an authenticated user. However, once the cookie is created, of course it can be used for authentication. This means that in order for your "problem" to happen, you still need to have a valid user log in first. If that user is abusing the system by copying his cookie to other machines to give everyone access, it's exactly the same thing as the user just telling everyone her username and password, except far more obtuse. Therefore, the problem isn't the copying of the cookie - it's the user herself.
Another attack vector would be if the network is compromised and someone can intercept the traffic to piece together the cookie via a sniffer or whatever - but again, this is inherent with cookies themselves. This is called Session Hijacking, and the only way to protect against this is to use SSL for your site.
If you're really worried about it, I'd just set your authentication and session timeouts to be the same, and then in your global.asax file, simply call FormsAuthentication.Signout() whenever the user's session expires. This invalidates the authentication whenever the user is done their session, forcing them to log in again later. Of course, this might be an extreme annoyance to your users...
I would also highly recommend This MSDN article. It probably answers your questions a lot better than I can.