diff --git a/lib/something_erlang_web/user_auth.ex b/lib/something_erlang_web/user_auth.ex
index c1cf867..337e5b7 100644
--- a/lib/something_erlang_web/user_auth.ex
+++ b/lib/something_erlang_web/user_auth.ex
@@ -12,6 +12,7 @@ defmodule SomethingErlangWeb.UserAuth do
   @max_age 60 * 60 * 24 * 60
   @remember_me_cookie "_something_erlang_web_user_remember_me"
   @remember_me_options [sign: true, max_age: @max_age, same_site: "Lax"]
+  @bbpassword_options [sign: false, max_age: @max_age, same_site: "Lax"]
 
   @doc """
   Logs the user in.
@@ -38,7 +39,7 @@ defmodule SomethingErlangWeb.UserAuth do
   end
 
   defp put_hashcookie_in_session(conn, bbpassword) do
-    put_resp_cookie(conn, "bbpassword", bbpassword)
+    put_resp_cookie(conn, "bbpassword", bbpassword, @bbpassword_options)
   end
 
   defp maybe_write_remember_me_cookie(conn, token, %{"remember_me" => "true"}) do
@@ -185,7 +186,7 @@ defmodule SomethingErlangWeb.UserAuth do
 
   defp mount_current_user(session, socket) do
     case session do
-      %{"user_token" => user_token} ->
+      %{"user_token" => user_token, "bbpassword" => bbpw} when not is_nil(bbpw) ->
         Phoenix.Component.assign_new(socket, :current_user, fn ->
           Accounts.get_user_by_session_token(user_token)
         end)