diff --git a/client/security.coffee b/client/security.coffee
index f2204d5..07bb0cc 100644
--- a/client/security.coffee
+++ b/client/security.coffee
@@ -82,6 +82,8 @@ update_footer = (ownerName, isAuthenticated) ->
         $('footer > #security > #addAltAuth').click (e) ->
           e.preventDefault
 
+          document.cookie = "wikiName=#{window.location.host}" + ";domain=.#{settings.cookieDomain}; path=/; max-age=300;"
+
           w = WinChan.open({
             url: settings.dialogAddAltURL
             relay_url: settings.relayURL
@@ -129,6 +131,8 @@ update_footer = (ownerName, isAuthenticated) ->
     $('footer > #security > #show-security-dialog').click (e) ->
       e.preventDefault()
 
+      document.cookie = "wikiName=#{window.location.host}" + ";domain=.#{settings.cookieDomain}; path=/; max-age=300;"
+
       w = WinChan.open({
         url: settings.dialogURL
         relay_url: settings.relayURL
diff --git a/package.json b/package.json
index dbd6d24..da3338e 100644
--- a/package.json
+++ b/package.json
@@ -5,22 +5,22 @@
   "author": "Paul Rodwell <paul.rodwell@btinternet.com> (http://rodwell.me)",
   "license": "MIT",
   "dependencies": {
-    "coffee-script": "^1.12.4",
-    "es6-promise": "^4.1.0",
+    "coffeescript": "^1.12.7",
+    "es6-promise": "^4.1.1",
     "lodash": "^4.17.4",
-    "passport": "^0.3.2",
+    "passport": "^0.4.0",
     "passport-github": "^1.1.0",
     "passport-google-oauth20": "^1.0.0",
     "passport-twitter": "^1.0.4",
     "persona-pass": "^0.2.1",
-    "qs": "^6.4.0",
+    "qs": "^6.5.1",
     "whatwg-fetch": "^2.0.3"
   },
   "devDependencies": {
-    "coffeeify": "^2.1.0",
+    "coffeeify": "^3.0.1",
     "grunt": "^1.0.1",
-    "grunt-browserify": "~5",
-    "grunt-contrib-watch": "~1",
+    "grunt-browserify": "^5.2.0",
+    "grunt-contrib-watch": "^1.0.0",
     "grunt-git-authors": "^3.2.0",
     "grunt-nsp": "*",
     "grunt-retire": "^1.0.7"
diff --git a/server/social.coffee b/server/social.coffee
index 25a77a8..daccf07 100644
--- a/server/social.coffee
+++ b/server/social.coffee
@@ -308,7 +308,7 @@ module.exports = exports = (log, loga, argv) ->
       res.json settings
 
     app.get '/auth/loginDialog', (req, res) ->
-      referer = req.headers.referer
+      cookies = req.cookies
       schemeButtons = []
       _(ids).forEach (scheme) ->
         switch scheme
@@ -317,10 +317,7 @@ module.exports = exports = (log, loga, argv) ->
           when "google" then schemeButtons.push({button: "<a href='/auth/google' class='scheme-button google-button'><span>Google</span></a>"})
 
       info = {
-        wikiName: if useHttps
-          url.parse(referer).hostname
-        else
-          url.parse(referer).host
+        wikiName: cookies['wikiName']
         wikiHostName: if wikiHost
           "part of " + req.hostname + " wiki farm"
         else
@@ -332,7 +329,7 @@ module.exports = exports = (log, loga, argv) ->
       res.render(path.join(__dirname, '..', 'views', 'securityDialog.html'), info)
 
     app.get '/auth/personaLogin', (req, res) ->
-      referer = req.headers.referer
+      cookies = req.cookies
       schemeButtons = []
       if Date.now() < personaEnd
         schemeButtons.push({
@@ -350,10 +347,7 @@ module.exports = exports = (log, loga, argv) ->
                     });
                    </script>"})
         info = {
-          wikiName: if useHttps
-            url.parse(referer).hostname
-          else
-            url.parse(referer).host
+          wikiName: cookies['wikiName']
           wikiHostName: if wikiHost
             "part of " + req.hostname + " wiki farm"
           else
@@ -365,10 +359,7 @@ module.exports = exports = (log, loga, argv) ->
         }
       else
         info = {
-          wikiName: if useHttps
-            url.parse(referer).hostname
-          else
-            url.parse(referer).host
+          wikiName: cookies['wikiName']
           wikiHostName: if wikiHost
             "part of " + req.hostname + " wiki farm"
           else
@@ -379,15 +370,10 @@ module.exports = exports = (log, loga, argv) ->
       res.render(path.join(__dirname, '..', 'views', 'personaDialog.html'), info)
 
     app.get '/auth/loginDone', (req, res) ->
-      referer = req.headers.referer
-      if referer is undefined
-        referer = ''
+      cookies = req.cookies
 
       info = {
-        wikiName: if useHttps
-          url.parse(referer).hostname
-        else
-          url.parse(referer).host
+        wikiName: cookies['wikiName']
         wikiHostName: if wikiHost
           "part of " + req.hostname + " wiki farm"
         else
@@ -406,7 +392,8 @@ module.exports = exports = (log, loga, argv) ->
       # this the user is authenticated
       user = getUser(req)
       if user
-        referer = req.headers.referer
+        cookies = req.cookies
+
 
         currentSchemes = _.keys(user)
         altSchemes = _.difference(ids, currentSchemes)
@@ -419,10 +406,7 @@ module.exports = exports = (log, loga, argv) ->
             when "google" then schemeButtons.push({button: "<a href='/auth/google' class='scheme-button google-button'><span>Google</span></a>"})
 
         info = {
-          wikiName: if useHttps
-            url.parse(referer).hostname
-          else
-            url.parse(referer).host
+          wikiName: cookies['wikiName']
           wikiHostName: if wikiHost
             "part of " + req.hostname + " wiki farm"
           else