diff --git a/securepages.module b/securepages.module
index 36cc329..658fb6c 100644
--- a/securepages.module
+++ b/securepages.module
@@ -33,7 +33,14 @@ user_login_block');
  * Implements hook_init().
  */
 function securepages_init() {
+  // Secure insecure sessions.
   global $is_https;
+  if ($is_https && user_is_anonymous()) {
+    $insecure_session = db_query("SELECT 1 FROM {sessions} WHERE sid = :name AND ssid = ''", array(':name' => $_COOKIE[substr(session_name(), 1)]))->fetchField();
+    if ($insecure_session) {
+      drupal_session_regenerate();
+    }
+  }
 
   // Special path for verifying SSL status.
   if ($_GET['q'] == 'admin/config/system/securepages/test') {