diff --git a/session_security/middleware.py b/session_security/middleware.py
index a8235fb..59b0d34 100644
--- a/session_security/middleware.py
+++ b/session_security/middleware.py
@@ -13,6 +13,7 @@ import django
 from django.contrib.auth import logout
+from django.contrib import messages
 try: # Django 2.0
 from django.urls import reverse, resolve, Resolver404
 except: # Django < 2.0
@@ -25,7 +26,7 @@ MiddlewareMixin = object
 from .utils import get_last_activity, set_last_activity
-from .settings import EXPIRE_AFTER, PASSIVE_URLS, PASSIVE_URL_NAMES
+from .settings import EXPIRE_AFTER, PASSIVE_URLS, PASSIVE_URL_NAMES, LOGOUT_MESSAGE
 class SessionSecurityMiddleware(MiddlewareMixin):
@@ -72,6 +73,8 @@ def process_request(self, request):
 delta = now - get_last_activity(request.session)
 expire_seconds = self.get_expire_seconds(request)
 if delta >= timedelta(seconds=expire_seconds):
+ if LOGOUT_MESSAGE:
+ messages.add_message(request, messages.WARNING, LOGOUT_MESSAGE)
 logout(request)
 elif (request.path == reverse('session_security_ping') and 'idleFor' in request.GET):
diff --git a/session_security/settings.py b/session_security/settings.py
index 8e15e66..b51c9ca 100644
--- a/session_security/settings.py
+++ b/session_security/settings.py
@@ -22,6 +22,11 @@ thus cannot be described statically. NOTE: currently namespaces are not handled. Overridable in ``settings.SESSION_SECURITY_PASSIVE_URL_NAMES``.
+LOGOUT_MESSAGE
+ Message that will be shown after user has been logged out. Works using Django
+ messages framework. Default is ``None``, so no message will be added to the
+ request. Overridable in ``settings.SESSION_SECURITY_LOGOUT_MESSAGE``.
+
 SESSION_SECURITY_INSECURE Set this to True in your settings if you want the project to run without having to set SESSION_EXPIRE_AT_BROWSER_CLOSE=True, which you should
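Review bot: In the `process_request` hunk of middleware.py, the new `messages.add_message(...)` call runs before `logout(request)`, so if it raises, the expired session is never logged out. Django's `add_message` raises `MessageFailure` when `MessageMiddleware` is not installed or is listed after this middleware, unless `fail_silently=True` is passed. Calling `logout(request)` first and then `messages.add_message(request, messages.WARNING, LOGOUT_MESSAGE, fail_silently=True)` keeps expiry enforcement independent of the notification path. The `LOGOUT_MESSAGE` entry in the settings.py docstring could also state that this middleware has to come after `MessageMiddleware` for the message to be delivered. The body of `process_request` starts and ends outside the hunk.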
@@ -40,6 +45,8 @@ PASSIVE_URL_NAMES = getattr(settings, 'SESSION_SECURITY_PASSIVE_URL_NAMES', [])
+LOGOUT_MESSAGE = getattr(settings, 'SESSION_SECURITY_LOGOUT_MESSAGE', None)
+
 expire_at_browser_close = getattr( settings, 'SESSION_EXPIRE_AT_BROWSER_CLOSE',