The code which implements it is entirely in the new LJ::Session module, at cgi-bin/LJ/Session.pm.
You now have separate "www" cookie (your ljmastersession) and per-user cookies, which are per-domain and/or per-path for, say, communities and underscore users.
Also, you can now track your logins:
Eventually we'll do things like let you name IP addresses ("Work", "Home") and show in red things that are out of the ordinary, etc. Also emails on new logins that aren't in your whitelist.
Also, as of last week, you need a password to change your email address, and passwords can't be mailed in cleartext now... only a reset URL.
David or I will be posting more later, and also as questions come up, we'll be watching these posts.
Update: Sorry, I deleted all comments that were regarding the underscore-in-username bug. That was fixed about in parallel with this post, and I didn't want this thread turning into a support request forum. I also accidentally deleted the thread about cookie /path/ restrictions. :-/