diff --git a/server/ott-config.ts b/server/ott-config.ts
index 0ebb000a6..b25510f06 100644
--- a/server/ott-config.ts
+++ b/server/ott-config.ts
@@ -520,6 +520,14 @@ export function validateConfig(): Result {
 return err(new Error("Invalid configuration."));
 }
+ if (conf.get("session_secret").length < 80) {
+ log.error(
+ "session_secret must be at least 80 characters long. Use a password generator to generate a secure alphanumeric secret."
+ );
+ log.error("This can also be set with the SESSION_SECRET environment variable.");
+ return err(new Error("Invalid configuration."));
+ }
+
 return ok(undefined);
 }
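Review bot: The new `session_secret` check in `validateConfig` tests only `.length`, so it assumes `conf.get("session_secret")` is always a string and accepts any 80-character value, including a single repeated character or a placeholder copied from an example config. If the config schema (not visible in this hunk) can yield `undefined` or `null` here, the `.length` access throws instead of returning the `err(...)` result; `const secret = conf.get("session_secret");` followed by `if (typeof secret !== "string" || secret.length < 80) {` keeps the failure on the logged path. If the schema ships a default or sample value for this key, it should be rejected explicitly, because a publicly known secret of sufficient length would pass this check. The function body begins above the hunk, so earlier checks may already cover part of this.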