diff --git a/backend/security.py b/backend/security.py
index 80ec107..a392aaa 100644
--- a/backend/security.py
+++ b/backend/security.py
@@ -1,4 +1,5 @@
 from os import getenv
+from secrets import compare_digest
 from typing import Annotated
 from fastapi import Depends, HTTPException, Request
@@ -29,7 +30,7 @@ async def check_auth(
 user_index = usernames.index(credentials.username)
 password = passwords[user_index]
- if credentials.password != password:
+ if not compare_digest(credentials.password.encode(), password.encode()):
 raise http_401()
 return credentials
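Review bot: The constant-time check in `check_auth` covers only the password; the `usernames.index(credentials.username)` lookup in the context lines above it still branches on whether the username exists. How a miss is handled lies outside the hunk (the function body starts earlier), but if it raises 401 before reaching `compare_digest`, or lets `ValueError` propagate, the response time or status still distinguishes valid usernames from invalid ones. Consider resolving the expected password to a fixed dummy value on a miss and always running the comparison, e.g. `known = credentials.username in usernames` followed by `if not (compare_digest(credentials.password.encode(), expected.encode()) and known): raise http_401()`. A short comment such as `# bytes, not str: compare_digest rejects non-ASCII str` above the call would record why both sides are encoded.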