diff --git a/lib/reducers/keyserver-reducer.js b/lib/reducers/keyserver-reducer.js
--- a/lib/reducers/keyserver-reducer.js
+++ b/lib/reducers/keyserver-reducer.js
@@ -80,6 +80,7 @@
 export default function reduceKeyserverStore(
   state: KeyserverStore,
   action: BaseAction,
+  initialStateLoaded: boolean,
 ): {
   keyserverStore: KeyserverStore,
   keyserverStoreOperations: $ReadOnlyArray<KeyserverStoreOperation>,
@@ -114,6 +115,18 @@
   } else if (action.type === setNewSessionActionType) {
     const { keyserverID, sessionChange } = action.payload;
     const gotUserCookie = sessionChange.cookie?.startsWith('user=');
+    const gotAnonymousCookie = sessionChange.cookie?.startsWith('anonymous=');
+
+    if (!initialStateLoaded && gotAnonymousCookie) {
+      // There is a chance of calling keyserver before the initial state is
+      // loaded. In that case client could receive an anonymous cookie, which
+      // should be ignored to avoid logging the user out.
+      return {
+        keyserverStore: state,
+        keyserverStoreOperations: [],
+      };
+    }
+
     if (!state.keyserverInfos[keyserverID]) {
       if (gotUserCookie) {
         console.log(
@@ -128,7 +141,13 @@
     }
 
     let newKeyserverInfo = state.keyserverInfos[keyserverID];
-    if (sessionChange.cookie !== undefined) {
+
+    // Changing from user to anonymous cookie should happen only in
+    // case of the cookie being invalidated.
+    const hasUserCookie = newKeyserverInfo.cookie?.startsWith('user=');
+    const invalidCookieDowngrade =
+      hasUserCookie && gotAnonymousCookie && !sessionChange.cookieInvalidated;
+    if (sessionChange.cookie !== undefined && !invalidCookieDowngrade) {
       newKeyserverInfo = {
         ...newKeyserverInfo,
         cookie: sessionChange.cookie,
diff --git a/lib/reducers/keyserver-reducer.test.js b/lib/reducers/keyserver-reducer.test.js
--- a/lib/reducers/keyserver-reducer.test.js
+++ b/lib/reducers/keyserver-reducer.test.js
@@ -38,7 +38,7 @@
     };
 
     expect(
-      reduceKeyserverStore(oldKeyserverStore, deleteAccountAction)
+      reduceKeyserverStore(oldKeyserverStore, deleteAccountAction, false)
         .keyserverStore,
     ).toEqual({ keyserverInfos: { ['0']: defaultKeyserverInfo('url1') } });
   });
@@ -77,7 +77,7 @@
     };
 
     expect(
-      reduceKeyserverStore(oldKeyserverStore, deleteAccountAction)
+      reduceKeyserverStore(oldKeyserverStore, deleteAccountAction, false)
         .keyserverStore.keyserverInfos[authoritativeKeyserverID()].connection
         .connectionIssue,
     ).toEqual(null);
@@ -118,7 +118,7 @@
     };
 
     expect(
-      reduceKeyserverStore(oldKeyserverStore, deleteAccountAction)
+      reduceKeyserverStore(oldKeyserverStore, deleteAccountAction, false)
         .keyserverStore.keyserverInfos[authoritativeKeyserverID()].connection
         .connectionIssue,
     ).toEqual('client_version_unsupported');
diff --git a/lib/reducers/master-reducer.js b/lib/reducers/master-reducer.js
--- a/lib/reducers/master-reducer.js
+++ b/lib/reducers/master-reducer.js
@@ -86,6 +86,7 @@
   let { keyserverStore, keyserverStoreOperations } = reduceKeyserverStore(
     state.keyserverStore,
     action,
+    state.initialStateLoaded,
   );
 
   if (