diff --git a/helios/security.py b/helios/security.py
index 41d2e4869b26ba18a8d4571da747a9f40835b630..1a5a78df6e1ae875f2e0dd5b7379658dac8e3c52 100644
--- a/helios/security.py
+++ b/helios/security.py
@@ -26,8 +26,8 @@ def get_voter(request, user, election):
   return the current voter
   """
   voter = None
-  if request.session.has_key('CURRENT_VOTER'):
-    voter = request.session['CURRENT_VOTER']
+  if request.session.has_key('CURRENT_VOTER_ID'):
+    voter = Voter.objects.get(id=request.session['CURRENT_VOTER_ID'])
     if voter.election != election:
       voter = None
 
diff --git a/helios/views.py b/helios/views.py
index 9311f38799a282d491e7537de79f91a7e97eabdf..36e36200db8abfd8e0004126b44b93fb5190e558 100644
--- a/helios/views.py
+++ b/helios/views.py
@@ -591,7 +591,7 @@ def password_voter_login(request, election):
       voter = election.voter_set.get(voter_login_id = password_login_form.cleaned_data['voter_id'].strip(),
                                      voter_password = password_login_form.cleaned_data['password'].strip())
 
-      request.session['CURRENT_VOTER'] = voter
+      request.session['CURRENT_VOTER_ID'] = voter.id
 
       # if we're asked to cast, let's do it
       if request.POST.get('cast_ballot') == "1":
@@ -753,7 +753,7 @@ def one_election_cast_done(request, election):
       logout = settings.LOGOUT_ON_CONFIRMATION
     else:
       logout = False
-      del request.session['CURRENT_VOTER']
+      del request.session['CURRENT_VOTER_ID']
 
     save_in_session_across_logouts(request, 'last_vote_hash', vote_hash)
     save_in_session_across_logouts(request, 'last_vote_cv_url', cv_url)