diff --git a/authentic2_idp_ltpa/app_settings.py b/authentic2_idp_ltpa/app_settings.py
index 8d0d487..55d9947 100644
--- a/authentic2_idp_ltpa/app_settings.py
+++ b/authentic2_idp_ltpa/app_settings.py
@@ -2,6 +2,7 @@ class AppSettings(object):
 __DEFAULTS = {
 'USE_MIDDLEWARE': True,
 'TOKEN_DURATION': 8*3600,
+ 'COOKIE_DURATION': 8*3600,
 'TOKEN_SECRET': None,
 'TOKEN_USERNAME_ATTRIBUTE': None,
 'COOKIE_NAME': 'LtpaToken',
@@ -17,6 +18,12 @@ class AppSettings(object):
 from django.conf import settings
 return getattr(settings, self.prefix + name, dflt)
 
+ @property
+ def COOKIE_DURATION(self):
+ from django.conf import settings
+ default = getattr(settings, 'SESSION_COOKIE_AGE', None)
+ return self._setting('COOKIE_DURATION', default)
+
 def __getattr__(self, name):
 if name not in self.__DEFAULTS:
 raise AttributeError(name)
diff --git a/authentic2_idp_ltpa/views.py b/authentic2_idp_ltpa/views.py
index 5996055..2f16883 100644
--- a/authentic2_idp_ltpa/views.py
+++ b/authentic2_idp_ltpa/views.py
@@ -21,8 +21,10 @@ def add_ltpa_token_to_response(request, response):
 duration=app_settings.TOKEN_DURATION)
 domain = app_settings.COOKIE_DOMAIN or \
 request.META['HTTP_HOST'].split(':')[0]
+ max_age = app_settings.COOKIE_DURATION or None
 response.set_cookie(app_settings.COOKIE_NAME, token, domain=domain,
- httponly=app_settings.COOKIE_HTTP_ONLY)
+ httponly=app_settings.COOKIE_HTTP_ONLY,
+ max_age=max_age)
 request.session['ltpa'] = True
 
 @login_required
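Review bot: In app_settings.py (second hunk), the new `COOKIE_DURATION` property makes the `'COOKIE_DURATION': 8*3600` entry added to `__DEFAULTS` in the first hunk dead, because a property is found by normal attribute lookup and `__getattr__` is never consulted for that name. The effective default is therefore Django's `SESSION_COOKIE_AGE`, not eight hours, so unless that setting is lowered the cookie lifetime no longer matches the `TOKEN_DURATION` default beside it. I would drop the unused dict entry, or change it to `None` if `__DEFAULTS` is also used as the list of known settings, and document the real fallback on the property with `"""Cookie lifetime in seconds; defaults to SESSION_COOKIE_AGE, not to __DEFAULTS."""`. The body of `__getattr__` continues outside the hunk, so how it reads `__DEFAULTS` is inferred.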
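Review bot: In views.py, passing `max_age` to `set_cookie` turns the LTPA token cookie from a browser-session cookie into a persistent one, and the call still passes no `secure` argument. The SSO token is now kept in the browser's cookie store for `COOKIE_DURATION` seconds and, unless HTTPS is enforced elsewhere, can be sent over plain HTTP for that whole period. I would add `secure=request.is_secure(),` to the call, and note the fallback on the new line with `# a falsy COOKIE_DURATION keeps a browser-session cookie`. It may also be worth deciding whether this cookie should follow `SESSION_EXPIRE_AT_BROWSER_CLOSE`, since the default is taken from `SESSION_COOKIE_AGE`. `add_ltpa_token_to_response` begins before the hunk, so how the token itself is built is not visible here.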