diff --git a/Pages/Login.cshtml.cs b/Pages/Login.cshtml.cs
index 137c08f..722f26a 100644
--- a/Pages/Login.cshtml.cs
+++ b/Pages/Login.cshtml.cs
@@ -8,7 +8,7 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using RTMPDash.DataModels;
 
-namespace RTMPDash.Pages; 
+namespace RTMPDash.Pages;
 
 public class LoginModel : PageModel {
 	public void OnPost() {
@@ -16,23 +16,27 @@ public class LoginModel : PageModel {
 			return;
 
 		using var db   = new AppDb.DbConn();
-		var       user = db.Users.FirstOrDefault(p => p.Username == Request.Form["user"].ToString() && p.Password == Request.Form["pass"].ToString().Sha256());
+		var       user = db.Users.FirstOrDefault(p => p.Username == Request.Form["user"].ToString());
+
 		if (user == null)
 			return;
 
+		if (user.Password != Request.Form["pass"].ToString().Sha256())
+			return;
+
 		HttpContext.Session.SetString("authenticatedUser", user.Username);
 	}
 }
 
 public static class StringExtensions {
 	public static string Sha256(this string rawData) {
-		// Create a SHA256   
+		// Create a SHA256
 		using var sha256Hash = SHA256.Create();
 
-		// ComputeHash - returns byte array  
+		// ComputeHash - returns byte array
 		var bytes = sha256Hash.ComputeHash(Encoding.UTF8.GetBytes(rawData));
 
-		// Convert byte array to a string   
+		// Convert byte array to a string
 		var builder = new StringBuilder();
 		for (var i = 0; i < bytes.Length; i++)
 			builder.Append(bytes[i].ToString("x2"));
@@ -72,4 +76,4 @@ public static class StringExtensions {
 		process.WaitForExit();
 		return result;
 	}
-}
\ No newline at end of file
+}