Mojolicious](http://mojolicious.org) is a web development toolkit and framework for Perl. It is used by quite a few openSUSE projects, such as openQA and Cavil.

It contains session management features that rely on cryptographically signed cookies. While they are still considered reasonably secure, tooling has become available to make attacks much easier. So, for this project we will be looking into the addition of encrypted sessions as an alternative to signed cookies, and for ways to encourage users to use more secure application secrets.