diff --git a/server/session/session.go b/server/session/session.go
index 88a5164b8..2e8afa3f0 100644
--- a/server/session/session.go
+++ b/server/session/session.go
@@ -23,8 +23,12 @@ type session struct {
 }
 
 func New(s *settings.Session) Session {
-	secret := securecookie.GenerateRandomKey(32)
+	// TODO (bradrydzewski) hook up the Session.Expires
+	secret := s.Secret
 	expire := time.Hour * 72
+	if len(secret) == 0 {
+		securecookie.GenerateRandomKey(32)
+	}
 	return &session{
 		secret: secret,
 		expire: expire,
diff --git a/settings/settings.go b/settings/settings.go
index 376d51d7f..c19aadfe3 100644
--- a/settings/settings.go
+++ b/settings/settings.go
@@ -73,7 +73,7 @@ type Server struct {
 // used to generate, validate and expire authentication
 // sessions.
 type Session struct {
-	Secret  string `toml:"secret"`
+	Secret  []byte `toml:"secret"`
 	Expires int64  `toml:"expires"`
 }