diff --git a/src/main/java/hawk/controller/LoginController.java b/src/main/java/hawk/controller/LoginController.java
index f6f329c..af734e7 100644
--- a/src/main/java/hawk/controller/LoginController.java
+++ b/src/main/java/hawk/controller/LoginController.java
@@ -54,7 +54,10 @@ public String loginCode(HttpServletRequest req, HttpServletResponse resp, Model
 String sessId = req.getSession().getId();
 String cookieCode = UUID.randomUUID().toString();
 loginCodes.put("cookie-" + sessId, cookieCode);
- resp.addCookie(new Cookie("XLOGINID", cookieCode));
+ Cookie cookie = new Cookie("XLOGINID", cookieCode);
+ cookie.setHttpOnly(true);
+ cookie.setSecure(true);
+ resp.addCookie(cookie);
 return "redirect:/login-form-multi";
 }
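Review bot: The `XLOGINID` cookie built in `loginCode` gets HttpOnly and Secure but still has no SameSite attribute, path or lifetime, so it relies on the browser's default SameSite handling, takes the default path derived from the request URL, and lasts for the whole browser session. Because the value is a login code stored in `loginCodes` under the session id, I would scope it to the login flow with `cookie.setPath(...)` and a short lifetime such as `cookie.setMaxAge(300);` (value illustrative), and set SameSite through the `Set-Cookie` header or container configuration if this `Cookie` class has no setter for it. `cookie.setSecure(true)` is unconditional, so confirm that every deployment of this endpoint is served over HTTPS, otherwise the browser will not keep the cookie and the multi-step login breaks. The start of `loginCode` is outside the hunk, so whether the `loginCodes` entry is ever expired or removed cannot be seen here.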