diff --git a/config/session.php b/config/session.php
index d0ccd5a8..da692f3b 100644
--- a/config/session.php
+++ b/config/session.php
@@ -188,7 +188,7 @@
 |
 | This option determines how your cookies behave when cross-site requests
 | take place, and can be used to mitigate CSRF attacks. By default, we
- | do not enable this as other CSRF protection services are in place.
+ | will set this value to "lax" since this is a secure default value.
 |
 | Supported: "lax", "strict", "none", null
 |
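Review bot: The rewritten sentence calls "lax" a secure default but drops the removed line's reminder that other CSRF protection is in place, so it can be read as saying the cookie attribute is enough on its own. With "lax" the session cookie is still sent on cross-site top-level GET navigations, so any state-changing GET route stays exposed and token verification is still needed. I would word it as `| will set this value to "lax"; it supplements the CSRF token check and does not replace it.` The option line itself lies outside this hunk, so whether the configured value actually matches the comment cannot be confirmed from here.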