diff --git a/internal/server/handler.go b/internal/server/handler.go
index c6bd185..93f3f98 100644
--- a/internal/server/handler.go
+++ b/internal/server/handler.go
@@ -26,16 +26,19 @@ func (s *Server) HandleUpdate(w http.ResponseWriter, r *http.Request) {
 }
 
 func (s *Server) HandleLoginPost(w http.ResponseWriter, r *http.Request) {
-	secret := r.PostFormValue("secret")
-	http.SetCookie(w, &http.Cookie{
-		Name:     "auth",
-		Value:    secret,
-		Path:     "/",
-		MaxAge:   3600,
-		Secure:   false,
-		HttpOnly: false,
-		SameSite: http.SameSiteLaxMode,
-	})
+	if s.options.Auth.Enabled {
+		auth := s.options.Auth.Get()
+		secret := r.PostFormValue("secret")
+		http.SetCookie(w, &http.Cookie{
+			Name:     "auth",
+			Value:    secret,
+			Path:     "/",
+			MaxAge:   auth.MaxAge,
+			Secure:   auth.Secure,
+			HttpOnly: false,
+			SameSite: http.SameSiteLaxMode,
+		})
+	}
 	http.Redirect(w, r, "/", http.StatusFound)
 }
 
diff --git a/internal/server/options.go b/internal/server/options.go
index 063119f..95fa743 100644
--- a/internal/server/options.go
+++ b/internal/server/options.go
@@ -39,6 +39,8 @@ type AuthOptions struct {
 	// Secret Direct or Path to secret File
 	Secret   string
 	LoadType AuthType
+	Secure   bool
+	MaxAge   int
 }
 
 type TlsOptions struct {
diff --git a/main.go b/main.go
index 3baa035..cbf9e16 100644
--- a/main.go
+++ b/main.go
@@ -32,6 +32,8 @@ var (
 	debugFlag          = flag.Bool("debug", false, "Activate debug Logs")
 	prettyLogsFlag     = flag.Bool("pretty", false, "Pretty pring Logs")
 	logPathFlag        = flag.String("log", "", "Path to logfile, stderr if default")
+	maxAgeFlag         = flag.Int("age", 3600, "Max age for login Session")
+	secureFlag         = flag.Bool("secure", false, "Cookie secure?")
 )
 
 func main() {
@@ -88,6 +90,8 @@ func setupAuth() server.AuthOptions {
 		authOptions.Secret = path
 		authOptions.LoadType = server.File
 	}
+	authOptions.MaxAge = *maxAgeFlag
+	authOptions.Secure = *secureFlag
 	return authOptions
 }