diff --git a/lib/SimpleSAML/SessionHandler.php b/lib/SimpleSAML/SessionHandler.php
index debfba0b5fbf4a92b5fbe1a53b5b96fb066d442d..8d14c0900a0a014ebcd0d465a48682bb4a12c390 100644
--- a/lib/SimpleSAML/SessionHandler.php
+++ b/lib/SimpleSAML/SessionHandler.php
@@ -62,9 +62,9 @@ abstract class SimpleSAML_SessionHandler
 
 
     /**
-     * Retrieve the session id of saved in the session cookie.
+     * Retrieve the session ID saved in the session cookie, if there's one.
      *
-     * @return string The session id saved in the cookie.
+     * @return string|null The session id saved in the cookie or null if no session cookie was set.
      */
     abstract public function getCookieSessionId();
 
diff --git a/lib/SimpleSAML/SessionHandlerCookie.php b/lib/SimpleSAML/SessionHandlerCookie.php
index f0b56ccd6bcb139cdfbf7ce909b03085cf226aaa..c8409a8d70a22c21bcd9d1cd02c77f931e5a267c 100644
--- a/lib/SimpleSAML/SessionHandlerCookie.php
+++ b/lib/SimpleSAML/SessionHandlerCookie.php
@@ -60,9 +60,9 @@ abstract class SimpleSAML_SessionHandlerCookie extends SimpleSAML_SessionHandler
 
 
     /**
-     * Retrieve the session id of saved in the session cookie.
+     * Retrieve the session ID saved in the session cookie, if there's one.
      *
-     * @return string The session id saved in the cookie.
+     * @return string|null The session id saved in the cookie or null if no session cookie was set.
      */
     public function getCookieSessionId()
     {
@@ -74,8 +74,8 @@ abstract class SimpleSAML_SessionHandlerCookie extends SimpleSAML_SessionHandler
 
             // check if we have a valid session id
             if (!self::isValidSessionID($this->session_id)) {
-                // we don't have a valid session. Create a new session id
-                return self::newSessionId();
+                // invalid, disregard this session
+                return null;
             }
         }
 
diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 7bc7a17a1cc19ed1d67ad2726c5379e9a4a64208..c8e9107d97a3ceada647bb210a95df7996e4d5ce 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -99,9 +99,9 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
 
 
     /**
-     * Retrieve the session id of saved in the session cookie.
+     * Retrieve the session ID saved in the session cookie, if there's one.
      *
-     * @return string The session id saved in the cookie.
+     * @return string|null The session id saved in the cookie or null if no session cookie was set.
      *
      * @throws SimpleSAML_Error_Exception If the cookie is marked as secure but we are not using HTTPS.
      */
@@ -109,7 +109,7 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
     {
         if (session_id() === '') {
             if (!self::hasSessionCookie()) {
-                return self::newSessionId();
+                return null;
             }
 
             $session_cookie_params = session_get_cookie_params();
diff --git a/lib/SimpleSAML/SessionHandlerStore.php b/lib/SimpleSAML/SessionHandlerStore.php
index ecf7154d7b749dee6883bd107baa20cfc75df134..90068808ce305d782fbdfcd6ac4cc4f6269148e3 100644
--- a/lib/SimpleSAML/SessionHandlerStore.php
+++ b/lib/SimpleSAML/SessionHandlerStore.php
@@ -43,6 +43,10 @@ class SimpleSAML_SessionHandlerStore extends SimpleSAML_SessionHandlerCookie
 
         if ($sessionId === null) {
             $sessionId = $this->getCookieSessionId();
+            if ($sessionId === null) {
+                // no session cookie, nothing to load
+                return null;
+            }
         }
 
         $session = $this->store->get('session', $sessionId);