diff --git a/backend/routes/auth.js b/backend/routes/auth.js
index 7c2cda78..55e5d0e9 100644
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@@ -26,7 +26,7 @@ router.post("/signup", validateRequest(signupSchema), async (req, res) => {
             return res.status(400).json({ message: 'User already exists' });
         }
 
-        res.status(500).json({ message: 'Error creating user', error: err.message });
+        res.status(500).json({ message: 'Error creating user' });
     }
 });
 
@@ -41,7 +41,7 @@ router.get("/logout", (req, res) => {
     req.logout((err) => {
 
         if (err)
-            return res.status(500).json({ message: 'Logout failed', error: err.message });
+            return res.status(500).json({ message: 'Logout failed' });
         else
             res.status(200).json({ message: 'Logged out successfully' });
     });
diff --git a/backend/server.js b/backend/server.js
index 3f19f00b..4cb7885e 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -20,6 +20,12 @@ app.use(session({
     secret: process.env.SESSION_SECRET,
     resave: false,
     saveUninitialized: false,
+    cookie: {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === 'production',
+        sameSite: 'strict',
+        maxAge: 24 * 60 * 60 * 1000,
+    },
 }));
 app.use(passport.initialize());
 app.use(passport.session());