diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index 69a3a6c19..408234000 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -671,6 +671,9 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
 if ( '' === $secure )
 $secure = is_ssl();
+ $secure = apply_filters('secure_auth_cookie', $secure, $user_id);
+ $secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', false, $user_id, $secure);
+
 if ( $secure ) {
 $auth_cookie_name = SECURE_AUTH_COOKIE;
 $scheme = 'secure_auth';
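Review bot: `secure_logged_in_cookie` defaults to a hard-coded `false`, so even when `$secure` is true the logged-in cookie set in the next hunk carries no Secure attribute unless a plugin hooks the filter; that default deserves a comment saying why it is kept (presumably for sites whose front end is served over plain HTTP). Neither filter result is normalised before it drives `if ( $secure )` and the `setcookie()` calls, so I would cast both, e.g. `$secure = (bool) apply_filters('secure_auth_cookie', $secure, $user_id);`. The comment should also note that a callback returning false on an SSL request makes the code skip the `SECURE_AUTH_COOKIE` / `'secure_auth'` branch. The body of wp_set_auth_cookie continues outside this hunk.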
@@ -689,18 +692,18 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
 if ( version_compare(phpversion(), '5.2.0', 'ge') ) {
 setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
 setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
- setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, false, true);
+ setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
 if ( COOKIEPATH != SITECOOKIEPATH )
- setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true);
+ setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
 } else {
 $cookie_domain = COOKIE_DOMAIN;
 if ( !empty($cookie_domain) )
 $cookie_domain .= '; HttpOnly';
 setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, $cookie_domain, $secure);
 setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, $cookie_domain, $secure);
- setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain);
+ setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain, $secure_logged_in_cookie);
 if ( COOKIEPATH != SITECOOKIEPATH )
- setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain);
+ setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain, $secure_logged_in_cookie);
 }
 }
 endif;
@@ -764,6 +767,8 @@ function auth_redirect() {
 $secure = ( is_ssl() || force_ssl_admin() );
+ $secure = apply_filters('secure_auth_redirect', $secure);
+
 // If https is required and request is http, redirect
 if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
 if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
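Review bot: The new `secure_auth_redirect` filter in auth_redirect can turn `$secure` off after `force_ssl_admin()` has turned it on, which skips the http-to-https redirect tested just below, and nothing at the call site says so. Add a comment above the call such as `// Filters whether wp-admin must be served over SSL; returning false disables the HTTPS redirect below.` If the cookie validation later in auth_redirect (outside this hunk) depends on `$secure`, the comment should also say that the result has to agree with `secure_auth_cookie`, since a cookie issued under one scheme may otherwise fail to validate here. A `(bool)` cast on the filter result would keep the `$secure && !is_ssl()` test independent of what a callback returns.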
diff --git a/wp-includes/user.php b/wp-includes/user.php
index c30f7be83..706ded312 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -43,6 +43,8 @@ function wp_signon( $credentials = '', $secure_cookie = '' ) {
 if ( '' === $secure_cookie )
 $secure_cookie = is_ssl();
+ $secure_cookie = apply_filters('secure_signon_cookie', $secure_cookie, $credentials);
+
 global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie
 $auth_secure_cookie = $secure_cookie;
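Review bot: The `secure_signon_cookie` filter passes the whole `$credentials` value to every hooked callback, and if that array has been populated with the submitted password by this point (the code that fills it is outside the hunk), each callback receives the plaintext password just to decide a cookie flag. At minimum document this at the call, e.g. `// $credentials may include the plaintext password; callbacks must not log or persist it.` If callbacks only need to know who is signing in, passing the login name alone would expose less. The result also feeds the `$auth_secure_cookie` global on the next lines, so it should be kept consistent with what `secure_auth_cookie` returns in wp_set_auth_cookie.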