diff --git a/demo/collections/Admin.js b/demo/collections/Admin.js
index 5c6faf3fa5..691b2d241d 100644
--- a/demo/collections/Admin.js
+++ b/demo/collections/Admin.js
@@ -23,6 +23,7 @@ module.exports = {
     tokenExpiration: 7200,
     useAPIKey: true,
     secureCookie: process.env.NODE_ENV === 'production',
+    sameSite: false, // 'strict', 'lax', 'none', true (strict)
   },
   fields: [
     {
diff --git a/demo/custom-index.html b/demo/custom-index.html
new file mode 100644
index 0000000000..5308bf84eb
--- /dev/null
+++ b/demo/custom-index.html
@@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html>
+
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <meta name="application-name" content="My Payload Application" />
+</head>
+
+<body>
+  <div id="app"></div>
+  <div id="portal"></div>
+</body>
+
+</html>
diff --git a/demo/payload.config.js b/demo/payload.config.js
index c369e85223..fe45890a20 100644
--- a/demo/payload.config.js
+++ b/demo/payload.config.js
@@ -28,8 +28,9 @@ const GlobalWithStrictAccess = require('./globals/GlobalWithStrictAccess');
 module.exports = {
   admin: {
     user: 'admins',
+    // indexHTML: path.resolve(__dirname, 'custom-index.html'),
     meta: {
-      titleSuffix: '- Payload',
+      titleSuffix: '- Payload Demo',
       ogImage: '/static/find-image-here.jpg',
       favicon: '/img/whatever.png',
     },
@@ -40,10 +41,6 @@ module.exports = {
       },
     },
   },
-  csrf: [
-    'http://localhost:3000',
-    'https://other-app-here.com',
-  ],
   collections: [
     Admin,
     AllFields,
@@ -75,6 +72,10 @@ module.exports = {
   cookiePrefix: 'payload',
   serverURL: 'http://localhost:3000',
   cors: ['http://localhost', 'http://localhost:3000', 'http://localhost:8080', 'http://localhost:8081'],
+  csrf: [
+    'http://localhost:3000',
+    'https://other-app-here.com',
+  ],
   routes: {
     api: '/api',
     admin: '/admin',
diff --git a/package.json b/package.json
index 1d699dbc31..0a83200a4c 100644
--- a/package.json
+++ b/package.json
@@ -94,6 +94,7 @@
     "react-datepicker": "^2.13.0",
     "react-document-meta": "^3.0.0-beta.2",
     "react-dom": "^16.13.1",
+    "react-helmet": "^6.1.0",
     "react-hook-form": "^5.7.2",
     "react-router-dom": "^5.1.2",
     "react-router-navigation-prompt": "^1.8.11",
diff --git a/src/auth/operations/login.js b/src/auth/operations/login.js
index 5a0da4c224..90ef276db9 100644
--- a/src/auth/operations/login.js
+++ b/src/auth/operations/login.js
@@ -96,6 +96,10 @@ async function login(args) {
       cookieOptions.secure = true;
     }
 
+    if (collectionConfig.auth.sameSite) {
+      cookieOptions.sameSite = collectionConfig.auth.sameSite;
+    }
+
     if (args.req.headers && args.req.headers.origin && args.req.headers.origin.indexOf('localhost') === -1) {
       let domain = args.req.headers.origin.replace('https://', '');
       domain = domain.replace('http://', '');
diff --git a/src/client/components/templates/Default/index.js b/src/client/components/templates/Default/index.js
index 7c5ebfb3ad..d2df2164f7 100644
--- a/src/client/components/templates/Default/index.js
+++ b/src/client/components/templates/Default/index.js
@@ -3,6 +3,7 @@ import PropTypes from 'prop-types';
 import DefaultNav from '../../elements/Nav';
 import { StepNavProvider } from '../../elements/StepNav';
 import customComponents from '../../customComponents';
+import Meta from '../../utilities/Meta';
 
 import './index.scss';
 
@@ -19,6 +20,11 @@ const Default = ({ children, className }) => {
   return (
     <div className={classes}>
       <StepNavProvider>
+        <Meta
+          title="Dashboard"
+          description="Dashboard for Payload CMS"
+          keywords="Dashboard, Payload, CMS"
+        />
         <Nav />
         <div className={`${baseClass}__wrap`}>
           {children}
diff --git a/src/client/components/utilities/Meta/index.js b/src/client/components/utilities/Meta/index.js
new file mode 100644
index 0000000000..0f389c453d
--- /dev/null
+++ b/src/client/components/utilities/Meta/index.js
@@ -0,0 +1,73 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import Helmet from 'react-helmet';
+import config from 'payload/config';
+
+function Meta({ description, lang, meta, title, image, keywords }) {
+  const titleSuffix = config?.admin?.meta?.titleSuffix ?? '- Payload';
+  return (
+    <Helmet
+      htmlAttributes={{
+        lang,
+      }}
+      title={`${title} ${titleSuffix}`}
+      meta={[
+        {
+          name: 'description',
+          content: description,
+        },
+        {
+          name: 'keywords',
+          content: keywords,
+        },
+        {
+          property: 'og:title',
+          content: `${title} ${titleSuffix}`,
+        },
+        {
+          property: 'og:image',
+          content: image,
+        },
+        {
+          property: 'og:description',
+          content: description,
+        },
+        {
+          property: 'og:type',
+          content: 'website',
+        },
+        {
+          name: 'twitter:card',
+          content: 'summary',
+        },
+        {
+          name: 'twitter:title',
+          content: title,
+        },
+        {
+          name: 'twitter:description',
+          content: description,
+        },
+      ].concat(meta)}
+    />
+  );
+}
+
+Meta.defaultProps = {
+  lang: 'en',
+  meta: [],
+  description: '',
+  image: '/images/default-og.png',
+  keywords: 'CMS, Admin, Dashboard',
+};
+
+Meta.propTypes = {
+  description: PropTypes.string,
+  lang: PropTypes.string,
+  meta: PropTypes.arrayOf(PropTypes.object),
+  title: PropTypes.string.isRequired,
+  image: PropTypes.string,
+  keywords: PropTypes.string,
+};
+
+export default Meta;
diff --git a/src/client/components/views/Account/Default.js b/src/client/components/views/Account/Default.js
index e39c50ab7d..e869d0fd64 100644
--- a/src/client/components/views/Account/Default.js
+++ b/src/client/components/views/Account/Default.js
@@ -12,6 +12,7 @@ import CopyToClipboard from '../../elements/CopyToClipboard';
 import * as fieldTypes from '../../forms/field-types';
 import RenderTitle from '../../elements/RenderTitle';
 import LeaveWithoutSaving from '../../modals/LeaveWithoutSaving';
+import Meta from '../../utilities/Meta';
 import Auth from '../collections/Edit/Auth';
 import Loading from '../../elements/Loading';
 
@@ -57,6 +58,11 @@ const DefaultAccount = (props) => {
         disabled={!hasSavePermission}
       >
         <div className={`${baseClass}__main`}>
+          <Meta
+            title="Account"
+            description="Account of current user"
+            keywords="Account, Dashboard, Payload, CMS"
+          />
           <Eyebrow />
           <LeaveWithoutSaving />
           <div className={`${baseClass}__edit`}>
diff --git a/src/client/components/views/CreateFirstUser/index.js b/src/client/components/views/CreateFirstUser/index.js
index d4ae943601..80e8845861 100644
--- a/src/client/components/views/CreateFirstUser/index.js
+++ b/src/client/components/views/CreateFirstUser/index.js
@@ -2,6 +2,7 @@ import React from 'react';
 import PropTypes from 'prop-types';
 import config from 'payload/config';
 import MinimalTemplate from '../../templates/Minimal';
+import Meta from '../../utilities/Meta';
 import Form from '../../forms/Form';
 import RenderFields from '../../forms/RenderFields';
 import * as fieldTypes from '../../forms/field-types';
@@ -48,6 +49,11 @@ const CreateFirstUser = (props) => {
     <MinimalTemplate className={baseClass}>
       <h1>Welcome</h1>
       <p>To begin, create your first user.</p>
+      <Meta
+        title="Create First User"
+        description="Create first user"
+        keywords="Create, Payload, CMS"
+      />
       <Form
         onSuccess={onSuccess}
         method="POST"
diff --git a/src/client/components/views/ForgotPassword/index.js b/src/client/components/views/ForgotPassword/index.js
index d9da003ed0..45ae693e3f 100644
--- a/src/client/components/views/ForgotPassword/index.js
+++ b/src/client/components/views/ForgotPassword/index.js
@@ -7,6 +7,7 @@ import Form from '../../forms/Form';
 import Email from '../../forms/field-types/Email';
 import FormSubmit from '../../forms/Submit';
 import Button from '../../elements/Button';
+import Meta from '../../utilities/Meta';
 import { useUser } from '../../data/User';
 
 import './index.scss';
@@ -42,6 +43,12 @@ const ForgotPassword = () => {
   if (user) {
     return (
       <MinimalTemplate className={baseClass}>
+        <Meta
+          title="Forgot Password"
+          description="Forgot password"
+          keywords="Forgot, Password, Payload, CMS"
+        />
+
         <h1>You&apos;re already logged in</h1>
         <p>
           To change your password, go to your
diff --git a/src/client/components/views/Global/Default.js b/src/client/components/views/Global/Default.js
index 17b3a3ba02..1efcc742db 100644
--- a/src/client/components/views/Global/Default.js
+++ b/src/client/components/views/Global/Default.js
@@ -7,6 +7,7 @@ import PreviewButton from '../../elements/PreviewButton';
 import FormSubmit from '../../forms/Submit';
 import RenderFields from '../../forms/RenderFields';
 import CopyToClipboard from '../../elements/CopyToClipboard';
+import Meta from '../../utilities/Meta';
 import * as fieldTypes from '../../forms/field-types';
 import LeaveWithoutSaving from '../../modals/LeaveWithoutSaving';
 
@@ -39,6 +40,11 @@ const DefaultGlobalView = (props) => {
         initialState={initialState}
       >
         <div className={`${baseClass}__main`}>
+          <Meta
+            title={label}
+            description={label}
+            keywords={`${label}, Payload, CMS`}
+          />
           <Eyebrow />
           <LeaveWithoutSaving />
           <div className={`${baseClass}__edit`}>
diff --git a/src/client/components/views/Login/index.js b/src/client/components/views/Login/index.js
index 303d4a2d62..38583d8366 100644
--- a/src/client/components/views/Login/index.js
+++ b/src/client/components/views/Login/index.js
@@ -8,6 +8,7 @@ import Email from '../../forms/field-types/Email';
 import Password from '../../forms/field-types/Password';
 import FormSubmit from '../../forms/Submit';
 import Button from '../../elements/Button';
+import Meta from '../../utilities/Meta';
 import { useUser } from '../../data/User';
 
 import './index.scss';
@@ -30,6 +31,11 @@ const Login = () => {
   if (user) {
     return (
       <MinimalTemplate className={baseClass}>
+        <Meta
+          title="Login"
+          description="Login user"
+          keywords="Login, Payload, CMS"
+        />
         <div className={`${baseClass}__wrap`}>
           <h1>Already logged in</h1>
           <p>
@@ -54,6 +60,11 @@ const Login = () => {
 
   return (
     <MinimalTemplate className={baseClass}>
+      <Meta
+        title="Login"
+        description="Login user"
+        keywords="Login, Payload, CMS"
+      />
       <div className={`${baseClass}__brand`}>
         <Logo />
       </div>
diff --git a/src/client/components/views/Logout/index.js b/src/client/components/views/Logout/index.js
index a821ac28e5..d455d85d84 100644
--- a/src/client/components/views/Logout/index.js
+++ b/src/client/components/views/Logout/index.js
@@ -4,6 +4,7 @@ import config from 'payload/config';
 import { useUser } from '../../data/User';
 import Minimal from '../../templates/Minimal';
 import Button from '../../elements/Button';
+import Meta from '../../utilities/Meta';
 
 import './index.scss';
 
@@ -22,6 +23,11 @@ const Logout = (props) => {
 
   return (
     <Minimal className={baseClass}>
+      <Meta
+        title="Logout"
+        description="Logout user"
+        keywords="Logout, Payload, CMS"
+      />
       <div className={`${baseClass}__wrap`}>
         {inactivity && (
           <h2>You have been logged out due to inactivity.</h2>
diff --git a/src/client/components/views/NotFound/index.js b/src/client/components/views/NotFound/index.js
index b6700cc661..265d6ea51c 100644
--- a/src/client/components/views/NotFound/index.js
+++ b/src/client/components/views/NotFound/index.js
@@ -3,6 +3,7 @@ import config from 'payload/config';
 import Eyebrow from '../../elements/Eyebrow';
 import { useStepNav } from '../../elements/StepNav';
 import Button from '../../elements/Button';
+import Meta from '../../utilities/Meta';
 
 const { routes: { admin } } = config;
 
@@ -17,6 +18,11 @@ const NotFound = () => {
 
   return (
     <div className="not-found">
+      <Meta
+        title="Not Found"
+        description="Page not found"
+        keywords="404, Not found, Payload, CMS"
+      />
       <Eyebrow />
       <h1>Nothing found</h1>
       <p>Sorry&mdash;there is nothing to correspond with your request.</p>
diff --git a/src/client/components/views/ResetPassword/index.js b/src/client/components/views/ResetPassword/index.js
index e0eb5a48b1..02d5624ae3 100644
--- a/src/client/components/views/ResetPassword/index.js
+++ b/src/client/components/views/ResetPassword/index.js
@@ -7,6 +7,7 @@ import Password from '../../forms/field-types/Password';
 import ConfirmPassword from '../../forms/field-types/ConfirmPassword';
 import FormSubmit from '../../forms/Submit';
 import Button from '../../elements/Button';
+import Meta from '../../utilities/Meta';
 import { useUser } from '../../data/User';
 
 import './index.scss';
@@ -31,6 +32,12 @@ const ResetPassword = () => {
   if (user) {
     return (
       <MinimalTemplate className={baseClass}>
+        <Meta
+          title="Reset Password"
+          description="Reset password"
+          keywords="Reset Password, Payload, CMS"
+        />
+
         <div className={`${baseClass}__wrap`}>
           <h1>Already logged in</h1>
           <p>
diff --git a/src/client/components/views/Unauthorized/index.js b/src/client/components/views/Unauthorized/index.js
index c521c68258..50e157bb4a 100644
--- a/src/client/components/views/Unauthorized/index.js
+++ b/src/client/components/views/Unauthorized/index.js
@@ -1,24 +1,26 @@
 import React from 'react';
 import config from 'payload/config';
 import Button from '../../elements/Button';
+import Meta from '../../utilities/Meta';
 import MinimalTemplate from '../../templates/Minimal';
 
 const { routes: { admin } } = config;
 
-const Unauthorized = () => {
-  return (
-    <MinimalTemplate className="unauthorized">
-      <h1>Not authorized</h1>
-      <p>You are not allowed to access this page.</p>
-      <br />
-      <Button
-        el="link"
-        to={`${admin}/logout`}
-      >
-        Log out
-      </Button>
-    </MinimalTemplate>
-  );
-};
-
+const Unauthorized = () => (
+  <MinimalTemplate className="unauthorized">
+    <Meta
+      title="Unauthorized"
+      description="Unauthorized"
+      keywords="Unauthorized, Payload, CMS"
+    />
+    <p>You are not allowed to access this page.</p>
+    <br />
+    <Button
+      el="link"
+      to={`${admin}/logout`}
+    >
+      Log out
+    </Button>
+  </MinimalTemplate>
+);
 export default Unauthorized;
diff --git a/src/client/components/views/collections/Edit/Default.js b/src/client/components/views/collections/Edit/Default.js
index 89c947207e..a950838b71 100644
--- a/src/client/components/views/collections/Edit/Default.js
+++ b/src/client/components/views/collections/Edit/Default.js
@@ -12,6 +12,7 @@ import RenderFields from '../../../forms/RenderFields';
 import CopyToClipboard from '../../../elements/CopyToClipboard';
 import DuplicateDocument from '../../../elements/DuplicateDocument';
 import DeleteDocument from '../../../elements/DeleteDocument';
+import Meta from '../../../utilities/Meta';
 import * as fieldTypes from '../../../forms/field-types';
 import RenderTitle from '../../../elements/RenderTitle';
 import LeaveWithoutSaving from '../../../modals/LeaveWithoutSaving';
@@ -69,6 +70,11 @@ const DefaultEditView = (props) => {
         initialState={initialState}
       >
         <div className={`${baseClass}__main`}>
+          <Meta
+            title={`${isEditing ? 'Editing' : 'Creating'} - ${collection.labels.singular}`}
+            description={`${isEditing ? 'Editing' : 'Creating'} - ${collection.labels.singular}`}
+            keywords={`${collection.labels.singular}, Payload, CMS`}
+          />
           <Eyebrow />
           <LeaveWithoutSaving />
           <div className={`${baseClass}__edit`}>
diff --git a/src/client/components/views/collections/List/Default.js b/src/client/components/views/collections/List/Default.js
index 9e0a0e9db2..fef8ed8d62 100644
--- a/src/client/components/views/collections/List/Default.js
+++ b/src/client/components/views/collections/List/Default.js
@@ -10,6 +10,7 @@ import Pill from '../../../elements/Pill';
 import Button from '../../../elements/Button';
 import SortColumn from '../../../elements/SortColumn';
 import Table from '../../../elements/Table';
+import Meta from '../../../utilities/Meta';
 import Cell from './Cell';
 
 import './index.scss';
@@ -42,6 +43,9 @@ const DefaultList = (props) => {
 
   return (
     <div className={baseClass}>
+      <Meta
+        title={collection.labels.plural}
+      />
       <Eyebrow />
       <div className={`${baseClass}__wrap`}>
         <header className={`${baseClass}__header`}>
diff --git a/src/collections/init.js b/src/collections/init.js
index 09816b2b91..c2c57f2bc7 100644
--- a/src/collections/init.js
+++ b/src/collections/init.js
@@ -2,7 +2,7 @@ const mongoose = require('mongoose');
 const express = require('express');
 const mongooseHidden = require('mongoose-hidden')({
   hidden: {
-    salt: true, hash: true, _id: true, __v: true,
+    _id: true, __v: true,
   },
   applyRecursively: true,
 });
@@ -21,6 +21,8 @@ function registerCollections() {
 
     if (collection.auth) {
       schema.plugin(passportLocalMongoose, { usernameField: 'email' });
+      schema.path('hash').options.hide = true;
+      schema.path('salt').options.hide = true;
     }
 
     schema.plugin(mongooseHidden);
diff --git a/src/webpack/getWebpackDevConfig.js b/src/webpack/getWebpackDevConfig.js
index 904b4a3bd1..71d03ad758 100644
--- a/src/webpack/getWebpackDevConfig.js
+++ b/src/webpack/getWebpackDevConfig.js
@@ -128,7 +128,7 @@ module.exports = (config) => {
 
   const plugins = [
     new HtmlWebpackPlugin({
-      template: path.resolve(__dirname, '../client/index.html'),
+      template: config.admin && config.admin.indexHTML ? config.admin.indexHTML : path.resolve(__dirname, '../client/index.html'),
       filename: './index.html',
     }),
     new webpack.HotModuleReplacementPlugin(),
diff --git a/src/webpack/getWebpackProdConfig.js b/src/webpack/getWebpackProdConfig.js
index 52523c24c0..9b52bf2bf9 100644
--- a/src/webpack/getWebpackProdConfig.js
+++ b/src/webpack/getWebpackProdConfig.js
@@ -119,7 +119,7 @@ module.exports = (config) => {
   const plugins = [
     // new BundleAnalyzerPlugin(),
     new HtmlWebpackPlugin({
-      template: path.resolve(__dirname, '../client/index.html'),
+      template: config.admin && config.admin.indexHTML ? config.admin.indexHTML : path.resolve(__dirname, '../client/index.html'),
       filename: './index.html',
       minify: true,
     }),
diff --git a/yarn.lock b/yarn.lock
index 78912950d0..f97e1e5dcb 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -9406,6 +9406,21 @@ react-dom@^16.13.1:
     prop-types "^15.6.2"
     scheduler "^0.19.1"
 
+react-fast-compare@^3.1.1:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/react-fast-compare/-/react-fast-compare-3.2.0.tgz#641a9da81b6a6320f270e89724fb45a0b39e43bb"
+  integrity sha512-rtGImPZ0YyLrscKI9xTpV8psd6I8VAtjKCzQDlzyDvqJA8XOW78TXYQwNRNd8g8JZnDu8q9Fu/1v4HPAVwVdHA==
+
+react-helmet@^6.1.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/react-helmet/-/react-helmet-6.1.0.tgz#a750d5165cb13cf213e44747502652e794468726"
+  integrity sha512-4uMzEY9nlDlgxr61NL3XbKRy1hEkXmKNXhjbAIOVw5vcFrsdYbH2FEwcNyWvWinl103nXgzYNlns9ca+8kFiWw==
+  dependencies:
+    object-assign "^4.1.1"
+    prop-types "^15.7.2"
+    react-fast-compare "^3.1.1"
+    react-side-effect "^2.1.0"
+
 react-hook-form@^5.7.2:
   version "5.7.2"
   resolved "https://registry.yarnpkg.com/react-hook-form/-/react-hook-form-5.7.2.tgz#a84e259e5d37dd30949af4f79c4dac31101b79ac"
@@ -9507,6 +9522,11 @@ react-side-effect@^1.1.0:
   dependencies:
     shallowequal "^1.0.1"
 
+react-side-effect@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/react-side-effect/-/react-side-effect-2.1.0.tgz#1ce4a8b4445168c487ed24dab886421f74d380d3"
+  integrity sha512-IgmcegOSi5SNX+2Snh1vqmF0Vg/CbkycU9XZbOHJlZ6kMzTmi3yc254oB1WCkgA7OQtIAoLmcSFuHTc/tlcqXg==
+
 react-transition-group@^4.3.0:
   version "4.4.1"
   resolved "https://registry.yarnpkg.com/react-transition-group/-/react-transition-group-4.4.1.tgz#63868f9325a38ea5ee9535d828327f85773345c9"