diff --git a/admin_customers.php b/admin_customers.php
index 05f9656a..6fe2cd18 100644
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -94,6 +94,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != '
 $result['switched_user'] = CurrentUser::getData();
 $result['adminsession'] = 0;
 $result['userid'] = $result['customerid'];
+ session_regenerate_id();
 CurrentUser::setData($result);
 $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");
diff --git a/admin_index.php b/admin_index.php
index 91ea51a5..c1c18c7d 100644
--- a/admin_index.php
+++ b/admin_index.php
@@ -53,6 +53,7 @@ if ($action == 'logout') {
 if (is_array(CurrentUser::getField('switched_user'))) {
 $result = CurrentUser::getData();
 $result = $result['switched_user'];
+ session_regenerate_id();
 CurrentUser::setData($result);
 $target = (isset($_GET['target']) ? $_GET['target'] : 'index');
 $redirect = "admin_" . $target . ".php";
diff --git a/index.php b/index.php
index 2bdd947c..7860686e 100644
--- a/index.php
+++ b/index.php
@@ -786,6 +786,7 @@ if ($action == 'll') {
 function finishLogin($userinfo)
 {
 if (isset($userinfo['userid']) && $userinfo['userid'] != '') {
+ session_regenerate_id();
 CurrentUser::setData($userinfo);
 $language = $userinfo['def_language'] ?? Settings::Get('panel.standardlanguage');
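Review bot: `session_regenerate_id();` is called with its default argument and its boolean result is ignored, here and in the matching additions in admin_index.php and index.php. With the default `delete_old_session = false`, the previous session ID stays valid with the data it held at the moment of the call until garbage collection. At this point that is still the administrator's own session, and in admin_index.php it is the impersonation session that carries `switched_user`. Consider `session_regenerate_id(true)`, and stop before `CurrentUser::setData()` when the call returns false, since a failed rotation otherwise continues under the old ID. The enclosing `if` block starts and ends outside the hunk.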
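Review bot: `$_GET['target']` is concatenated into `$redirect` without validation in the lines right after the added call, so the switch-back path builds a script name from request input. How `$redirect` is consumed is outside the hunk, but restricting the value to a fixed list of known page names before building it would remove the dependency on later handling. One form is `$target = in_array($_GET['target'] ?? '', $allowedTargets, true) ? $_GET['target'] : 'index';`, where `$allowedTargets` is a placeholder for a list this project would define. The enclosing `if ($action == 'logout')` block continues outside the hunk.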
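Review bot: The placement of `session_regenerate_id();` before `CurrentUser::setData($userinfo)` carries the security reasoning of this change, but nothing in `finishLogin()` says so, which makes it easy to reorder or drop in a later refactor. A short comment above the call would document it, for example `// Rotate the session ID before storing the authenticated user so an ID issued before login never maps to a logged-in session (session fixation).` This assumes `CurrentUser::setData()` writes to the session, which is not visible here. The function body continues outside the hunk.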