diff --git a/gateway/html/login.html b/gateway/html/login.html
index 4e639b6..15440d2 100644
--- a/gateway/html/login.html
+++ b/gateway/html/login.html
@@ -115,7 +115,7 @@
 remove: function(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/gateway/html/portal.html b/gateway/html/portal.html
index cc9286d..ec23c8b 100644
--- a/gateway/html/portal.html
+++ b/gateway/html/portal.html
@@ -175,7 +175,7 @@
 remove: function(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/gateway/html/shared/nav-header.js b/gateway/html/shared/nav-header.js
index cd34e19..fb27418 100644
--- a/gateway/html/shared/nav-header.js
+++ b/gateway/html/shared/nav-header.js
@@ -21,7 +21,7 @@
 function cookieRemove(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/system2-report/web/js/api-base.js b/system2-report/web/js/api-base.js
index dbac71e..17a1f84 100644
--- a/system2-report/web/js/api-base.js
+++ b/system2-report/web/js/api-base.js
@@ -25,7 +25,7 @@ if ('serviceWorker' in navigator) {
 function cookieRemove(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
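Review bot: `remove` in login.html expires only one cookie scope: on a technicalkorea.net host the string always carries `domain=.technicalkorea.net`, so a host-only cookie of the same name (one set without a Domain attribute) is left in place and sign-out can leave a usable token behind. Whether such a cookie is ever set is not visible in this diff; if it can be, expire both scopes by adding `document.cookie = name + '=; path=/; max-age=0';` ahead of the domain-scoped assignment. The same applies to the copies in portal.html, nav-header.js, api-base.js, auth-manager.js and tkuser-core.js.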
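Review bot: The `secure` attribute added to the expiry string in portal.html's `remove` makes the browser discard this `document.cookie` write when the page was loaded over plain HTTP, so on such a page the cookie is not cleared and nothing reports the failure. If every technicalkorea.net page is served over HTTPS only (not visible here) this is harmless, but the changed line deserves a comment such as `// secure: this write is ignored on http:// pages, so sign-out must run over HTTPS`. The same line appears in the other five copies touched by this commit.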
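Review bot: `cookieRemove` in nav-header.js is one of six copies of the same helper that this commit edits identically (login.html, portal.html, api-base.js, auth-manager.js and tkuser-core.js hold the others), and a cookie-attribute fix that misses one copy would leave that app's sign-out behaving differently from the rest. Since this file already sits under `shared/`, the other pages could load the helper from one place instead of redefining it. Whether all six apps can reach a common script is not visible in the diff.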
diff --git a/system3-nonconformance/web/static/js/core/auth-manager.js b/system3-nonconformance/web/static/js/core/auth-manager.js
index 4b929ab..3d9fd3c 100644
--- a/system3-nonconformance/web/static/js/core/auth-manager.js
+++ b/system3-nonconformance/web/static/js/core/auth-manager.js
@@ -59,7 +59,7 @@ class AuthManager {
 _cookieRemove(name) {
 let cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/user-management/web/static/js/tkuser-core.js b/user-management/web/static/js/tkuser-core.js
index 2d1358a..d70f922 100644
--- a/user-management/web/static/js/tkuser-core.js
+++ b/user-management/web/static/js/tkuser-core.js
@@ -9,7 +9,7 @@ const API_BASE = '/api';
 /* ===== Token ===== */
 function _cookieGet(n) { const m = document.cookie.match(new RegExp('(?:^|; )' + n + '=([^;]*)')); return m ? decodeURIComponent(m[1]) : null; }
-function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net'; document.cookie = c; }
+function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net; secure; samesite=lax'; document.cookie = c; }
 function getToken() { return _cookieGet('sso_token') || localStorage.getItem('sso_token'); }
 function getLoginUrl() {
 const h = location.hostname;
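Review bot: `_cookieRemove` in tkuser-core.js clears only the cookie, while `getToken()` on the next line falls back to `localStorage.getItem('sso_token')`, so a token left in localStorage keeps being returned after the cookie has been expired. If the sign-out path does not already call `localStorage.removeItem('sso_token')` somewhere outside this hunk, add that call next to the `_cookieRemove('sso_token')` call. Both stores are readable from page script, so any script running in the page can read the token. `getLoginUrl` continues past the end of the hunk.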