diff --git a/modules/login.py b/modules/login.py
index 7aa6f33c14b8e4271449280e3e3ff2a234879b7c..77d9b8a97f8820d6f10640a08eaa963af407d805 100644
--- a/modules/login.py
+++ b/modules/login.py
@@ -5,7 +5,7 @@ from flask import Blueprint, jsonify, request, current_app
 from database import database as db
 from modules.tools.token import Token, validate_login_token
 from modules.tools.roles import Roles
-
+from werkzeug.security import check_password_hash
 login_route = Blueprint('login', __name__, template_folder="templates")
 
 
@@ -17,8 +17,8 @@ def login_user():
     # TO DO : seed and hash the password
     
     user = db.User.objects(username=username)
-
-    if len(user) > 0 and user[0].password == password:
+    is_password_match = check_password_hash(user[0].password, password)
+    if len(user) > 0 and is_password_match :
         key = current_app.config.get("SECRET_KEY")
         token = Token.generate_from(user[0].id, key)
 
diff --git a/modules/register.py b/modules/register.py
index aa30c164daa15dc962d73e93db850497d21f3631..ee754221e21083c3e478a31ffbb9b5352f7caaf7 100644
--- a/modules/register.py
+++ b/modules/register.py
@@ -2,6 +2,7 @@ from flask import Blueprint, jsonify, request, current_app
 from database import database as db
 from modules.tools.token import Token, validate_login_token
 from modules.tools.roles import Roles
+from werkzeug.security import generate_password_hash, check_password_hash
 
 register_route = Blueprint('register', __name__, template_folder="templates")
 
@@ -11,12 +12,14 @@ def add_new_user():
     form = request.get_json()
     user_id = form.get("user_id")
     password = form.get("password")
+    #hashing paswword 
+    hash_pass = generate_password_hash(password);
     username = form.get("username")
     name = form.get("name")
     role = form.get("role")
     #TO DO: Check the database or add constraints
     try:
-        new_user = db.User(user_id=user_id, password=password, username=username, name=name, role=role)
+        new_user = db.User(user_id=user_id, password=hash_pass, username=username, name=name, role=role)
         key = current_app.config.get("SECRET_KEY")
         token = Token.generate_from(user_id, key)
         new_user.save()
@@ -33,6 +36,8 @@ def add_new_user():
         })
 
 
+
+
 @register_route.route('/api/unregister', methods=["POST"])
 @validate_login_token(pass_user=True)
 def delete_user(user):