diff --git a/frontend/src/components/Modals/Password/index.jsx b/frontend/src/components/Modals/Password/index.jsx
index e989868517275777220bdb887cb321b9d73b26c9..00fefe4edaee5946a45a0cb7a130aa772540c746 100644
--- a/frontend/src/components/Modals/Password/index.jsx
+++ b/frontend/src/components/Modals/Password/index.jsx
@@ -37,7 +37,7 @@ export default function PasswordModal({ mode = "single" }) {
 export function usePasswordModal() {
   const [auth, setAuth] = useState({
     loading: true,
-    required: false,
+    requiresAuth: false,
     mode: "single",
   });
 
diff --git a/frontend/src/pages/Login/index.jsx b/frontend/src/pages/Login/index.jsx
index ec5950cbe8bfe237aae7ca91b1b65a423d4c668c..cf8ab249300fe2fdc4fa3eabe161714677bcf0ed 100644
--- a/frontend/src/pages/Login/index.jsx
+++ b/frontend/src/pages/Login/index.jsx
@@ -1,9 +1,13 @@
 import React from "react";
 import PasswordModal, { usePasswordModal } from "@/components/Modals/Password";
 import { FullScreenLoader } from "@/components/Preloader";
+import { Navigate } from "react-router-dom";
+import paths from "@/utils/paths";
 
 export default function Login() {
-  const { loading, mode } = usePasswordModal();
+  const { loading, requiresAuth, mode } = usePasswordModal();
   if (loading) return <FullScreenLoader />;
+  if (requiresAuth === false) return <Navigate to={paths.home()} />;
+
   return <PasswordModal mode={mode} />;
 }
diff --git a/server/endpoints/system.js b/server/endpoints/system.js
index a6acf47e628018c2170e0faf5a842678bbcb02ea..d2a13d10f9a23c0773fdeca7554562aa75d5f63e 100644
--- a/server/endpoints/system.js
+++ b/server/endpoints/system.js
@@ -107,6 +107,8 @@ function systemEndpoints(app) {
 
   app.post("/request-token", async (request, response) => {
     try {
+      const bcrypt = require("bcrypt");
+
       if (await SystemSettings.isMultiUserMode()) {
         const { username, password } = reqBody(request);
         const existingUser = await User.get({ username });
@@ -121,7 +123,6 @@ function systemEndpoints(app) {
           return;
         }
 
-        const bcrypt = require("bcrypt");
         if (!bcrypt.compareSync(password, existingUser.password)) {
           response.status(200).json({
             user: null,
@@ -159,7 +160,12 @@ function systemEndpoints(app) {
         return;
       } else {
         const { password } = reqBody(request);
-        if (password !== process.env.AUTH_TOKEN) {
+        if (
+          !bcrypt.compareSync(
+            password,
+            bcrypt.hashSync(process.env.AUTH_TOKEN, 10)
+          )
+        ) {
           response.status(401).json({
             valid: false,
             token: null,
diff --git a/server/utils/middleware/validatedRequest.js b/server/utils/middleware/validatedRequest.js
index 275522bb9d8a87fef371656adc71fc91d4d86447..6f3df26dabbf22fe5f64026ac9354a9169e960e6 100644
--- a/server/utils/middleware/validatedRequest.js
+++ b/server/utils/middleware/validatedRequest.js
@@ -36,8 +36,9 @@ async function validatedRequest(request, response, next) {
     return;
   }
 
+  const bcrypt = require("bcrypt");
   const { p } = decodeJWT(token);
-  if (p !== process.env.AUTH_TOKEN) {
+  if (!bcrypt.compareSync(p, bcrypt.hashSync(process.env.AUTH_TOKEN, 10))) {
     response.status(401).json({
       error: "Invalid auth token found.",
     });