diff --git a/libs/persistent_session.php b/libs/persistent_session.php
index 03e3b3d..7224923 100644
--- a/libs/persistent_session.php
+++ b/libs/persistent_session.php
@@ -9,6 +9,10 @@ if (!empty($missing_keys)) {
 die('Missing required keys in config.ini: ' . implode(', ', $missing_keys));
 }
+if (strlen($config['secret_key']) < 32) {
+ die('Secret key in config.ini must be at least 32 characters long');
+}
+
 const COOKIE_NAME = 'timeline_login';
 const ENCRYPTION_METHOD = 'aes-256-cbc';
 const EXPIRATION_DAYS = 30;
@@ -113,7 +117,7 @@ function saveLogin() {
 function isSavedCookieValid() {
 $cookieExpiry = getCookieData();
-
+
 if ($cookieExpiry === false) {
 deletePersistentCookie();
 return false;
diff --git a/private/config_template.ini b/private/config_template.ini
index cfef942..22ca1ea 100644
--- a/private/config_template.ini
+++ b/private/config_template.ini
@@ -42,9 +42,9 @@ webmentions_txt_path = "./mentions.txt"
 public_webmentions = "https://example.com/timeline/mentions.txt"
 [security]
-; Secret key to encrypt cookies
-; Create a new one here: https://randomkeygen.com
-secret_key = "553GkZzIYZKx5z0lftt4yKDG4aKb4sAG"
+; Secret key to encrypt cookies of at least 256-bit (32 characters)
+; Create one here: https://randomkeygen.com (CodeIgniter Encryption Keys)
+secret_key = ""
 ; Simple password
 password = "change_me"
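Review bot: The new `strlen($config['secret_key']) < 32` check enforces only a lower bound and does not say what unit it measures: `strlen()` counts bytes, and if the raw string is later handed to `openssl_encrypt()` with the `aes-256-cbc` constant below, a configured value longer than 32 bytes is, as far as I know, silently cut to its first 32 bytes rather than rejected. I would document that above the check, `// aes-256-cbc takes a 32-byte key; strlen() counts bytes, and openssl uses only the first 32 of a longer value`, and consider deriving the cipher key at the encryption site with `hash('sha256', $config['secret_key'], true)` so the whole configured secret contributes and the length is exactly right. The check is also a sanity check rather than a strength check (a 32-byte value of one repeated character passes), so the `die()` message should not read as a guarantee; saying "32 bytes" instead of "32 characters" would at least match what is measured. The code that consumes the key is outside this hunk.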
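Review bot: The new comment equates "32 characters" with "256-bit", but a 32-character value drawn from a printable alphabet carries well under 256 bits of entropy (about 6 bits per alphanumeric character), while 32 is also exactly the byte length an AES-256 key needs, so the two ideas should be stated separately: `; Secret key used to encrypt the login cookie: at least 32 bytes of random data (longer is fine)`. I would also point operators to generating the value locally, e.g. `php -r 'echo base64_encode(random_bytes(24));'` (32 characters), instead of copying one from a third-party web page. Because the previous default key was committed in this template, any deployment that kept it should rotate its key; this change only rejects the now-empty default and does not force that rotation.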