diff --git a/README.txt b/README.txt
index b6ea2f2..b69eb32 100644
--- a/README.txt
+++ b/README.txt
@@ -10,7 +10,7 @@ same person.
 
 For a full description of the module, visit the project page:
   http://drupal.org/project/ubb
-  
+
 To submit bug reports or feature suggestions, or to track changes:
   http://drupal.org/project/issues/ubb
 
@@ -43,14 +43,14 @@ To submit bug reports or feature suggestions, or to track changes:
   example, if your current $db_url is:
 
   $db_url = mysql://username:password@localhost/drupaldatabase
-  
+
 then you would change it to something like this:
 
   $db_url['default'] = mysql://username:password@localhost/drupaldatabase
   $db_url['ubb'] = mysql://username:password@localhost/ubbdatabase
-  
+
 Note that the protocol (mysql or mysqli) for both connections must be the same,
-i.e. you cannot use mysqli for Drupal and mysql for UBB. 
+i.e. you cannot use mysqli for Drupal and mysql for UBB.
 
 3. Install the module as usual (see http://drupal.org/node/70151).
 
@@ -66,13 +66,17 @@ i.e. you cannot use mysqli for Drupal and mysql for UBB.
 
 3. Check the option to "Enable UBB.threads integration."  This turns on the
   following features:
-  
+
   - When a new user registers in Drupal, an account will be created in UBB.
   - When a Drupal user changes their username, e-mail address, or password, the
     corresponding UBB account will also be updated.
-  - When a Drupal user logs on/off, a "magic cookie" will also be set for UBB.
-    If UBB is running on the same domain as Drupal, this cookie will cause them
-    to be automatically logged on/off when they browse to UBB.
+
+4. (optional) Go to Administer >> User management >> Permissions and enable the
+  'automatically login to ubb.threads' permission as appropriate for your site.
+  Typically, this is set for all authenticated users.  When a Drupal user with
+  this permission logs on/off, a "magic cookie" will also be set for UBB.  If
+  UBB is running on the same domain as Drupal, this cookie will cause them to be
+  automatically logged on/off when they browse to UBB.
 
 *** PLEASE NOTE: Once you have enabled the integrations, it is highly
 recommended that you also disable UBB's registration screens, in order to
@@ -91,7 +95,7 @@ Author/maintainer:
 This project has been sponsored by:
 * Christians in Recovery - http://christians-in-recovery.org/
   Your Internet community for recovery.  Always available, always caring.
-  
+
 * MacTech - http://www.mactech.com/
   The journal of Apple technology.
 
diff --git a/ubb.install b/ubb.install
index d5fbc83..b1ba712 100644
--- a/ubb.install
+++ b/ubb.install
@@ -29,4 +29,33 @@ function ubb_enable() {
 */
 function ubb_install() {
   // No-op.
-}
\ No newline at end of file
+}
+
+/**
+ * Enable the 'automatically login to ubb.threads' permission by default for
+ * authenticated users on installs that predate issue #1045298.
+ */
+function ubb_update_6100() {
+  /* Issue #1045298 introduced a permission to control whether the automatic
+     login cookie for UBB was set on Drupal login; before that change, the UBB
+     cookie was always set for all Drupal users.  Thus, we grant that permission
+     to all authenticated users here, so that sites that were using this module
+     before the permission was introduced do not suddenly break upon updating
+     the module.  Sites that do a fresh install will not run this update, and
+     thus will need to set the permission manually.
+  */
+  $perm_list = db_result(db_query("SELECT perm FROM {permission} WHERE rid = %d", DRUPAL_AUTHENTICATED_RID));
+  // Drupal 6, oddly, stores permissions for a role as a single row containing
+  // a comma-separated list of permissions.  Thus, we explode the list of
+  // permissions (if any), add our new permission, and re-implode before saving.
+  $perms = empty($perm_list) ? array() : explode(', ', $perm_list);
+  $perms[] = 'automatically login to ubb.threads';
+  $perms = implode(', ', $perms);
+  if ($perm_list === FALSE) {
+    db_query("INSERT INTO {permission} (rid, perm) VALUES (%d, '%s')", DRUPAL_AUTHENTICATED_RID, $perms);
+  }
+  else {
+    db_query("UPDATE {permission} SET perm = '%s' WHERE rid = %d", $perms, DRUPAL_AUTHENTICATED_RID);
+  }
+  return array();
+}
diff --git a/ubb.module b/ubb.module
index 59b66ea..c5cd045 100644
--- a/ubb.module
+++ b/ubb.module
@@ -6,6 +6,13 @@
 */
 
 /**
+ * Implements hook_perm().
+ */
+function ubb_perm() {
+  return array('automatically login to ubb.threads');
+}
+
+/**
 * Implement hook_menu().
 */
 function ubb_menu() {
@@ -97,7 +104,7 @@ function ubb_user($op, &$edit, &$account, $category = NULL) {
         break;
 
       case "login":
-        if (ubb_db_open()) {
+        if (user_access('automatically login to ubb.threads') && ubb_db_open()) {
           $ubb_user = db_fetch_array(db_query("SELECT USER_ID, USER_SESSION_ID FROM {USERS} WHERE USER_LOGIN_NAME = '%s'", $account->name));
           if (!empty($ubb_user)) {
             if (!$ubb_user['USER_SESSION_ID']) {
@@ -121,9 +128,11 @@ function ubb_user($op, &$edit, &$account, $category = NULL) {
         break;
 
       case "logout":
-        // Delete user and session cookies.
-        setcookie($cookie_prefix ."ubbt_myid",   '', time() - 3600, $cookie_path);
-        setcookie($cookie_prefix ."ubbt_mysess", '', time() - 3600, $cookie_path);
+        if (user_access('automatically login to ubb.threads')) {
+          // Delete user and session cookies.
+          setcookie($cookie_prefix ."ubbt_myid",   '', time() - 3600, $cookie_path);
+          setcookie($cookie_prefix ."ubbt_mysess", '', time() - 3600, $cookie_path);
+        }
         break;
     }
   }
