Absolutely. If you want to try and debug this, boot up a quickstart which should take less than 5 minutes and see if you can log in and refresh the page. This will signal that the app is using silent auth to get a new token after refresh.
The short random string is an opaque access token designated for the /userinfo endpoint.
http://community.auth0.com/t/why-is-my-access-token-not-a-jwt/31028
Even if you clear the cookies/logout you shouldn’t have to do it again.