diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4584821..34b8feb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## [0.5.1] - 2026-02-16
+### Fixed
+- Fernet key setup fuer EncryptedCookieStorage korrigiert (doppelte Base64-Kodierung)
+
 ## [0.5.0] - 2026-02-16
 ### Added
 - Benutzerverwaltung mit Session-basierter Authentifizierung
diff --git a/config.yaml b/config.yaml
index f46bde9..4cf6254 100644
--- a/config.yaml
+++ b/config.yaml
@@ -1,4 +1,4 @@
-version: "0.5.0"
+version: "0.5.1"
 
 bot:
   name: "MeshDD-Bot"
diff --git a/meshbot/auth.py b/meshbot/auth.py
index 7dec119..5dba912 100644
--- a/meshbot/auth.py
+++ b/meshbot/auth.py
@@ -28,8 +28,9 @@ def check_password(password: str, hashed: str) -> bool:
 
 def setup_session(app: web.Application):
     secret_key = config.get("auth.secret_key", "change-this-secret-key-32bytes!!")
-    # Fernet requires a 32-byte url-safe base64-encoded key
-    fernet_key = base64.urlsafe_b64encode(secret_key.encode("utf-8")[:32])
+    # EncryptedCookieStorage accepts a Fernet object directly
+    key_bytes = secret_key.encode("utf-8")[:32].ljust(32, b"\0")
+    fernet_key = Fernet(base64.urlsafe_b64encode(key_bytes))
     max_age = config.get("auth.session_max_age", 86400)
     storage = EncryptedCookieStorage(
         fernet_key,