diff --git a/development.ini b/development.ini
--- a/development.ini
+++ b/development.ini
@@ -351,6 +351,8 @@ beaker.cache.sql_cache_long.key_length =
 ## file based cookies (default) ##
 #beaker.session.type = file
 
+## beaker.session.key should be unique for a given host, even when running
+## on different ports. Otherwise, cookie sessions will be shared and messed up.
 beaker.session.key = kallithea
 beaker.session.secret = development-not-secret
 
diff --git a/kallithea/bin/template.ini.mako b/kallithea/bin/template.ini.mako
--- a/kallithea/bin/template.ini.mako
+++ b/kallithea/bin/template.ini.mako
@@ -348,6 +348,10 @@ beaker.cache.sql_cache_long.key_length =
 <%text>## file based cookies (default) ##</%text>
 #beaker.session.type = file
 
+<%text>
+## beaker.session.key should be unique for a given host, even when running
+## on different ports. Otherwise, cookie sessions will be shared and messed up.
+</%text>
 beaker.session.key = kallithea
 beaker.session.secret = ${uuid()}
 
diff --git a/kallithea/config/deployment.ini_tmpl b/kallithea/config/deployment.ini_tmpl
--- a/kallithea/config/deployment.ini_tmpl
+++ b/kallithea/config/deployment.ini_tmpl
@@ -345,6 +345,8 @@ beaker.cache.sql_cache_long.key_length =
 ## file based cookies (default) ##
 #beaker.session.type = file
 
+## beaker.session.key should be unique for a given host, even when running
+## on different ports. Otherwise, cookie sessions will be shared and messed up.
 beaker.session.key = kallithea
 beaker.session.secret = ${app_instance_uuid}
 
diff --git a/production.ini b/production.ini
--- a/production.ini
+++ b/production.ini
@@ -349,6 +349,8 @@ beaker.cache.sql_cache_long.key_length =
 ## file based cookies (default) ##
 #beaker.session.type = file
 
+## beaker.session.key should be unique for a given host, even when running
+## on different ports. Otherwise, cookie sessions will be shared and messed up.
 beaker.session.key = kallithea
 beaker.session.secret = change-me
 
diff --git a/test.ini b/test.ini
--- a/test.ini
+++ b/test.ini
@@ -351,6 +351,8 @@ beaker.cache.sql_cache_long.key_length =
 ## file based cookies (default) ##
 #beaker.session.type = file
 
+## beaker.session.key should be unique for a given host, even when running
+## on different ports. Otherwise, cookie sessions will be shared and messed up.
 beaker.session.key = kallithea
 beaker.session.secret = {74e0cd75-b339-478b-b129-07dd221def1f}