diff --git a/webui/model/user/auth.php b/webui/model/user/auth.php
index 3b11513..df74dcc 100644
--- a/webui/model/user/auth.php
+++ b/webui/model/user/auth.php
@@ -576,7 +576,8 @@ public function change_password($username = '', $password = '') {
 if($username == "" || $password == ""){ return 0; }
- $query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=(SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)", array(crypt($password), $username));
+ $query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=(SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)",
+ array(crypt($password, '$6$' . generate_random_string()), $username));
 $rc = $this->db->countAffected();
diff --git a/webui/model/user/user.php b/webui/model/user/user.php
index 074ea75..9979ffd 100644
--- a/webui/model/user/user.php
+++ b/webui/model/user/user.php
@@ -350,7 +350,7 @@
 return $user['username'];
 }
- $encrypted_password = crypt($user['password']);
+ $encrypted_password = crypt($user['password'], '$6$' . generate_random_string());
 $samaccountname = '';
 if(isset($user['samaccountname'])) { $samaccountname = $user['samaccountname']; }
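Review bot: In both changed calls the result of `crypt()` goes into storage unchecked — here straight into the `UPDATE` parameters in `change_password()`, and into `$encrypted_password` in the user.php hunk — so if hashing fails, the short failure marker PHP returns would be saved as the password hash. Hash first and bail out on failure, e.g. `$hash = crypt($password, '$6$' . generate_random_string()); if(strlen($hash) < 13) { return 0; }`, then bind `$hash`. `generate_random_string()` is defined outside this diff, so it is worth confirming that it draws from a cryptographically secure source and returns at least 16 characters from `./0-9A-Za-z`; crypt reads the SHA-512 salt only up to 16 characters or the first `$`. The salt string also sets no `rounds=` value, which leaves the scheme at its default work factor. The body of `change_password()` continues past the end of the hunk.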
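Review bot: The salt-building expression `'$6$' . generate_random_string()` is now duplicated between this line in user.php and `change_password()` in auth.php, so the hashing scheme is hard-coded in two files. A single shared helper that returns the finished hash would keep the scheme, the salt length and any later cost change in one place. The name `$encrypted_password` also describes a one-way hash as encryption; a short comment such as `// one-way SHA-512 crypt hash, not reversible` would avoid that misreading. The enclosing function starts and ends outside this hunk.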