diff --git a/.gitignore b/.gitignore
index 4a78ed39f84f94a3551e52e95730e98e0e47e34c..d02467332235dbd662db0ca040f361d16a771390 100644
--- a/.gitignore
+++ b/.gitignore
@@ -17,3 +17,4 @@ public/uploads/*
 config/app_config.yml
 bin/*
 nbproject
+config/initializers/secret_token.rb
diff --git a/config/initializers/check_session_secret.rb b/config/initializers/check_session_secret.rb
new file mode 100644
index 0000000000000000000000000000000000000000..1970c5078bb53f9664634c7d0cada53d97bdf40f
--- /dev/null
+++ b/config/initializers/check_session_secret.rb
@@ -0,0 +1,5 @@
+unless File.exists?( File.join(Rails.root, 'config', 'initializers', 'secret_token.rb'))
+  `rake generate:secret_token`
+   require  File.join(Rails.root, 'config', 'initializers', 'secret_token.rb')
+end
+
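Review bot: The backtick call on the second line of this initializer discards rake's exit status and runs in whatever working directory the server was started from, so a failed generation only surfaces as a LoadError from the `require` that follows. Something like `Dir.chdir(Rails.root) { system('rake generate:secret_token') or raise 'secret_token.rb could not be generated' }` would fail with a clear message. If several app processes boot at the same time on a fresh checkout, each may generate and overwrite the file, and they could end up holding different secrets and rejecting each other's signed cookies; generating the secret as an explicit install or deploy step would avoid that. A leading comment such as `# Generate a per-installation cookie-signing secret on first boot` would explain why this initializer exists.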
diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
index 20f6087bf8ff95c5874576a27de1fa0df9d39f05..66c59261abcf768bab8e5450bfd1151a384c3c8b 100644
--- a/config/initializers/secret_token.rb
+++ b/config/initializers/secret_token.rb
@@ -8,4 +8,4 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-Rails.application.config.secret_token = 'ea08916110cae7f10fe9e1f7c7cb8c1fee13c3c3bee35180ac3061c370bd9ad985f28fcf2eb5f5684d0d618855efdeb862918628e994ed3e7fc806777428ef40'
+Rails.application.config.secret_token = '3484b78b0f9d88f40cd44a20cf647140e5900632d0c9b85e1fd91dc539811d243f2f0756f791019c'
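Review bot: `secret_token.rb` stays tracked after this change, because the commit edits the file instead of removing it from the index, so the `.gitignore` entry added in the first hunk has no effect on it and the replacement secret is published just like the old one. Both values are now in repository history and should be treated as disclosed, since anyone holding the token can produce cookies that pass the integrity check on installations using it. Run `git rm --cached config/initializers/secret_token.rb` as part of this commit so that each installation generates its own secret through the new rake task.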
diff --git a/lib/tasks/generate_session_secret.rake b/lib/tasks/generate_session_secret.rake
new file mode 100644
index 0000000000000000000000000000000000000000..90274dff34246b3b612b423fce4758d32ca32e4d
--- /dev/null
+++ b/lib/tasks/generate_session_secret.rake
@@ -0,0 +1,26 @@
+namespace :generate do
+  desc 'Generates a Session Secret Token'
+  task :secret_token do
+
+  path = File.join(Rails.root, 'config', 'initializers', 'secret_token.rb')
+  secret = ActiveSupport::SecureRandom.hex(40)
+  File.open(path, 'w') do |f|
+    f.write <<"EOF"
+#   Copyright (c) 2010, Diaspora Inc.  This file is
+#   licensed under the Affero General Public License version 3.  See
+#   the COPYRIGHT file.
+
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Rails.application.config.secret_token = '#{secret}'
+EOF
+
+puts "YAY!!"
+end
+
+  end
+end
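Review bot: `File.open(path, 'w')` creates the secret file with the process's default umask, which on many hosts leaves it readable by other local users; pass an explicit mode, `File.open(path, 'w', 0600) do |f|`. The task also overwrites an existing secret unconditionally, which invalidates every signed cookie when it is run by hand, so a guard or a note in the `desc` text would help. `puts "YAY!!"` sits inside the `File.open` block despite its indentation and says nothing about what was written; `puts "Wrote #{path}"` after the block would be clearer. The task uses `Rails.root` without depending on `:environment`, so it presumably relies on the Rakefile loading the application config, which is worth confirming.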