Note: If you're using location keys, and you're changing your location with a VPN for testing purposes, the cause is the same in that Locksmith caches your access status. Using a private browsing session can still help with this in that you'll have fresh cache.
Locksmith is remembering your browser.
When you open the key, Locksmith remembers it as long as your browser application remains running. To get around this, you'll need to use a private session (see above), or use a different browser or device.
In the case of location keys, if you're using a VPN to change your apparent location, it can even be useful to delete the browser cache during the same browser session. We have a guide on how to do this here:
If you were signed into a customer account when you opened the key, Locksmith can remember access on that account. This is a toggle-able setting on those key condition types, and, when turned on, Locksmith will never ask again when you're signed in.
To turn this setting off, head into the lock and click on the link to the key condition. Next, scroll down in the pop up and disable the option "Remember for signed in customer":
Toggle the setting OFF, and don't forget to save your lock!