diff --git a/apps/fz_http/lib/fz_http_web/session.ex b/apps/fz_http/lib/fz_http_web/session.ex
index b993ac29b..c4c77c692 100644
--- a/apps/fz_http/lib/fz_http_web/session.ex
+++ b/apps/fz_http/lib/fz_http_web/session.ex
@@ -29,7 +29,12 @@ defmodule FzHttpWeb.Session do
   end
 
   defp signing_salt do
-    FzHttp.Config.fetch_env!(:fz_http, :cookie_signing_salt)
+    [vsn | _] =
+      Application.spec(:fz_http, :vsn)
+      |> to_string()
+      |> String.split("+")
+
+    FzHttp.Config.fetch_env!(:fz_http, :cookie_signing_salt) <> vsn
   end
 
   defp encryption_salt do
diff --git a/apps/fz_http/test/fz_http_web/acceptance/authentication_test.exs b/apps/fz_http/test/fz_http_web/acceptance/authentication_test.exs
index b6631cc97..6a67082e6 100644
--- a/apps/fz_http/test/fz_http_web/acceptance/authentication_test.exs
+++ b/apps/fz_http/test/fz_http_web/acceptance/authentication_test.exs
@@ -65,8 +65,9 @@ defmodule FzHttpWeb.Acceptance.AuthenticationTest do
       |> fill_form(%{"email" => "foo@bar.com"})
       |> click(Query.button("Send"))
       |> assert_el(Query.text("Reset Password"))
-      |> visit(~p"/dev/mailbox")
-      |> assert_el(Query.text("Empty mailbox..."))
+
+      emails = Swoosh.Adapters.Local.Storage.Memory.all()
+      refute Enum.find(emails, &(&1.to == "foo@bar.com"))
     end
 
     feature "can reset password using email link", %{session: session} do