There are two causes of this and the solution will be different depending on the cause:
Pretend your hostname is www.example.com.
If someone types in example.com (without the www) it will cause a cookie under the “.example.com” domain.
It will then redirect to www.example.com causing another cookie to be created at “.www.example.com”.
The easiest solution to this would be to do the following:
- Go to System -> Configuration -> Web
- In the left hand corner where it says Current Configuration Scope you should select the store view for the store so you are in the store scope.
- Under Session Cookie Management change the cookie domain to .www.example.com (the preceding “.” Is not a mistake). Important: This must be the correct hostname entered. If you enter it wrong or even with spaces, etc, it could make cookies break even for the admin which would cause loss of access to the admin area.
- After this you should go to Extendware -> Manage Extensions -> Page Cache -> Configuration and save the config.
The second most common issue is another extensions created incorrectly or a core customization on the store.
The most common core customization is an edit of /app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
This File should be replaced to its original file. If this file is found in app/code/local or app/code/community then it should be deleted so the app/code/core version is loaded
If it is another extension causing this issue, the only way to debug would be to disable other extensions, clear cookies, and see if double cookies occur. When the offending extension is found then leave it disabled or fix it.
As a last resort - if it cannot be found - sometimes changing the cookie domain as found in Solution #1 will work. However, instead of changing it to .www.example.com you should change it to www.example.com and save the page cache config afterwards, delete cookies, and test to see if double cookies appear (test account login on the fronted usually is a good test).