diff --git a/main.go b/main.go
index b3b6f73..c3e8cec 100644
--- a/main.go
+++ b/main.go
@@ -6,7 +6,9 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	"os/signal"
 	"path"
+	"syscall"
 
 	"github.com/Luzifer/rconfig"
 	"github.com/flosch/pongo2"
@@ -83,18 +85,26 @@ func init() {
 	mainCfg.Listen.Port = 8082
 }
 
-func main() {
+func loadConfiguration() error {
 	yamlSource, err := ioutil.ReadFile(cfg.ConfigFile)
 	if err != nil {
-		log.WithError(err).Fatal("Unable to read configuration file")
+		return fmt.Errorf("Unable to read configuration file: %s", err)
 	}
 
 	if err := yaml.Unmarshal(yamlSource, &mainCfg); err != nil {
-		log.WithError(err).Fatal("Unable to load configuration file")
+		return fmt.Errorf("Unable to load configuration file: %s", err)
 	}
 
 	if err := initializeAuthenticators(yamlSource); err != nil {
-		log.WithError(err).Fatal("Unable to configure authentication")
+		return fmt.Errorf("Unable to configure authentication: %s", err)
+	}
+
+	return nil
+}
+
+func main() {
+	if err := loadConfiguration(); err != nil {
+		log.WithError(err).Fatal("Unable to load configuration")
 	}
 
 	cookieStore = sessions.NewCookieStore([]byte(mainCfg.Cookie.AuthKey))
@@ -103,7 +113,25 @@ func main() {
 	http.HandleFunc("/login", handleLoginRequest)
 	http.HandleFunc("/logout", handleLogoutRequest)
 
-	http.ListenAndServe(fmt.Sprintf("%s:%d", mainCfg.Listen.Addr, mainCfg.Listen.Port), context.ClearHandler(http.DefaultServeMux))
+	go http.ListenAndServe(
+		fmt.Sprintf("%s:%d", mainCfg.Listen.Addr, mainCfg.Listen.Port),
+		context.ClearHandler(http.DefaultServeMux),
+	)
+
+	sigChan := make(chan os.Signal, 1)
+	signal.Notify(sigChan, syscall.SIGHUP)
+
+	for sig := range sigChan {
+		switch sig {
+		case syscall.SIGHUP:
+			if err := loadConfiguration(); err != nil {
+				log.WithError(err).Error("Unable to reload configuration")
+			}
+
+		default:
+			log.Fatalf("Received unexpected signal: %v", sig)
+		}
+	}
 }
 
 func handleAuthRequest(res http.ResponseWriter, r *http.Request) {
diff --git a/registry.go b/registry.go
index 3846321..0576383 100644
--- a/registry.go
+++ b/registry.go
@@ -72,12 +72,13 @@ func initializeAuthenticators(yamlSource []byte) error {
 	authenticatorRegistryMutex.Lock()
 	defer authenticatorRegistryMutex.Unlock()
 
+	tmp := []authenticator{}
 	for _, a := range authenticatorRegistry {
 		err := a.Configure(yamlSource)
 
 		switch err {
 		case nil:
-			activeAuthenticators = append(activeAuthenticators, a)
+			tmp = append(tmp, a)
 			log.WithFields(log.Fields{"authenticator": a.AuthenticatorID()}).Debug("Activated authenticator")
 		case errAuthenticatorUnconfigured:
 			log.WithFields(log.Fields{"authenticator": a.AuthenticatorID()}).Debug("Authenticator unconfigured")
@@ -87,10 +88,12 @@ func initializeAuthenticators(yamlSource []byte) error {
 		}
 	}
 
-	if len(activeAuthenticators) == 0 {
+	if len(tmp) == 0 {
 		return fmt.Errorf("No authenticator configurations supplied")
 	}
 
+	activeAuthenticators = tmp
+
 	return nil
 }