diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/RequestHandler.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/RequestHandler.java
index f10615839..f01d51915 100644
--- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/RequestHandler.java
+++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/RequestHandler.java
@@ -142,7 +142,7 @@ public class RequestHandler implements HttpHandler {
 String from = exchange.getRequestURI().toASCIIString();
 response = Response.builder()
 .redirectTo(StringUtils.startsWithAny(from, "/auth/", "/login") ? "/login" : "/login?from=." + from)
- .setHeader("Set-Cookie", "auth=expired; Path=/; Max-Age=1")
+ .setHeader("Set-Cookie", "auth=expired; Path=/; Max-Age=1; SameSite=Lax; Secure;")
 .build();
 }
 }
diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LoginResolver.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LoginResolver.java
index 43457adfb..72f550f4b 100644
--- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LoginResolver.java
+++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LoginResolver.java
@@ -39,7 +39,7 @@ import java.util.concurrent.TimeUnit;
 @Singleton
 public class LoginResolver implements NoAuthResolver {
- private DBSystem dbSystem;
+ private final DBSystem dbSystem;
 @Inject
 public LoginResolver(
@@ -61,7 +61,7 @@ public class LoginResolver implements NoAuthResolver {
 public Response getResponse(String cookie) {
 return Response.builder()
 .setStatus(200)
- .setHeader("Set-Cookie", "auth=" + cookie + "; Path=/; Max-Age=" + TimeUnit.HOURS.toSeconds(2L))
+ .setHeader("Set-Cookie", "auth=" + cookie + "; Path=/; Max-Age=" + TimeUnit.HOURS.toSeconds(2L) + "; SameSite=Lax; Secure;")
 .setJSONContent(Collections.singletonMap("success", true))
 .build();
 }
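Review bot: The `Secure` attribute added to the expiry cookie on the `+` line means a browser talking to this server over plain HTTP will discard the whole Set-Cookie, so the stale `auth` cookie is never cleared and every subsequent request lands on this same redirect; if the webserver can run without TLS (not visible here), `Secure` should be appended only when the connection is HTTPS, e.g. `"auth=expired; Path=/; Max-Age=0; SameSite=Lax" + (tlsEnabled ? "; Secure" : "")` with whatever flag the webserver already holds for that. Clearing a cookie is conventionally `Max-Age=0`, not `Max-Age=1`, which leaves the value valid for another second. The trailing `;` after `Secure` yields an empty attribute that browsers tolerate but RFC 6265 does not define, so dropping it is cleaner. The enclosing method starts before this hunk and likely continues after it.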
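Review bot: The session cookie set on the `+` line of the `@@ -61` hunk gains `SameSite=Lax; Secure` but not `HttpOnly`, so any script running in the dashboard page (for instance via an XSS bug) can still read the auth token from `document.cookie`; unless front-end JavaScript needs to read `auth` (not visible here), the attribute string should be `"; Path=/; Max-Age=" + TimeUnit.HOURS.toSeconds(2L) + "; SameSite=Lax; Secure; HttpOnly"`. An unconditional `Secure` also makes login silently fail over plain HTTP, because the browser never stores the cookie while the JSON body still reports `success: true`, so it should be gated on the connection being TLS if non-TLS operation is supported. The same attribute suffix is now spelled out in three classes; a shared constant or small helper would keep them from drifting, and would be the natural place for the HTTPS check. `cookie` is concatenated into the header value unescaped, which is fine only if it is a server-generated token with no `;` or CR/LF; a one-line comment stating that assumption, e.g. `// cookie is an opaque server-issued token, safe to embed unescaped`, would make the contract explicit.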
diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LogoutResolver.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LogoutResolver.java
index aac283b0c..fd295f845 100644
--- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LogoutResolver.java
+++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/auth/LogoutResolver.java
@@ -58,7 +58,7 @@ public class LogoutResolver implements NoAuthResolver {
 public Response getResponse(String cookie) {
 return Response.builder()
 .setStatus(200)
- .setHeader("Set-Cookie", "auth=" + cookie + "; Max-Age=1")
+ .setHeader("Set-Cookie", "auth=" + cookie + "; Max-Age=1; SameSite=Lax; Secure;")
 .setMimeType(MimeType.HTML)
 .setContent( "
Logging out..