diff --git a/app/auth/models.py b/app/auth/models.py
index ec19d16..27763ed 100644
--- a/app/auth/models.py
+++ b/app/auth/models.py
@@ -1,6 +1,7 @@
 from pprint import pprint
 
-from flask_login import UserMixin, current_user
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import UserMixin
 from app.models import db
 
 #
@@ -47,8 +48,8 @@ class User(UserMixin, db.Model):
     email = db.Column(db.String(100), unique=True)
     name = db.Column(db.String(100))
     login = db.Column(db.String(100), unique=True)
-    password = db.Column(db.String(100))
     role = db.Column(db.Integer, default=0)
+    password_hash = db.Column(db.String(128))
 
     def __repr__(self):
         return "i: {}, n: {}, e: {}, l: {}".format(self.id, self.name, self.email, self.login)
@@ -68,3 +69,9 @@ class User(UserMixin, db.Model):
     def has_role_or_higher(self, role):
         role = _checkRole(role)
         return self.role and (self.role >= role)
+
+    def set_password(self, password):
+        self.password_hash = generate_password_hash(password)
+
+    def check_password(self, password):
+        return check_password_hash(self.password_hash, password)
diff --git a/tests/backend_tests.py b/tests/backend_tests.py
index 8e8ae0b..78f73ad 100644
--- a/tests/backend_tests.py
+++ b/tests/backend_tests.py
@@ -5,8 +5,6 @@ from app import create_app, db_mgr, db
 from app.auth.models import User
 
 
-
-
 class BaseTestCase(unittest.TestCase):
     def setUp(self):
         # configure data base
@@ -83,3 +81,10 @@ class AuthModelTestCase(BaseTestCase):
         admin = self.get_admin()
         with self.assertRaises(ValueError) as ve:
             admin.set_role("NOSUCHROLE")
+
+    def test_setcheckpassword(self):
+        admin = self.get_admin()
+        admin.set_password("hahaha")
+        db.session.commit()
+        admin2 = self.get_admin()
+        self.assertTrue(admin2.check_password("hahaha"))
--
libgit2 0.21.2