diff --git a/modules/user.module b/modules/user.module
index 6a6c1d91d62..bc18b2b75c3 100644
--- a/modules/user.module
+++ b/modules/user.module
@@ -510,7 +510,7 @@ function user_auth_help_links() {
 /*** User features *********************************************************/
 
 function user_login($edit = array(), $msg = "") {
-  global $user;
+  global $user, $base_url;
 
   /*
   ** If we are already logged on, go to the user page instead.
@@ -591,11 +591,12 @@ function user_login($edit = array(), $msg = "") {
       ** that the session won't expire.
       */
 
+      $path = preg_replace("/.+\/\/[^\/]+(.*)/", "\$1/", $base_url);
       if ($edit["remember_me"]) {
-        setcookie(session_name(), session_id(), time() + 3600 * 24 * 365);
+        setcookie(session_name(), session_id(), time() + 3600 * 24 * 365, $path);
       }
       else {
-        setcookie(session_name(), session_id());
+        setcookie(session_name(), session_id(), FALSE, $path);
       }
 
       /*
diff --git a/modules/user/user.module b/modules/user/user.module
index 6a6c1d91d62..bc18b2b75c3 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -510,7 +510,7 @@ function user_auth_help_links() {
 /*** User features *********************************************************/
 
 function user_login($edit = array(), $msg = "") {
-  global $user;
+  global $user, $base_url;
 
   /*
   ** If we are already logged on, go to the user page instead.
@@ -591,11 +591,12 @@ function user_login($edit = array(), $msg = "") {
       ** that the session won't expire.
       */
 
+      $path = preg_replace("/.+\/\/[^\/]+(.*)/", "\$1/", $base_url);
       if ($edit["remember_me"]) {
-        setcookie(session_name(), session_id(), time() + 3600 * 24 * 365);
+        setcookie(session_name(), session_id(), time() + 3600 * 24 * 365, $path);
       }
       else {
-        setcookie(session_name(), session_id());
+        setcookie(session_name(), session_id(), FALSE, $path);
       }
 
       /*