diff --git a/inc/controllers/AdminController.class.php b/inc/controllers/AdminController.class.php index 4e82a97..49c7cb1 100644 --- a/inc/controllers/AdminController.class.php +++ b/inc/controllers/AdminController.class.php @@ -144,7 +144,7 @@ class AdminController extends Controller $av = $user_info['avatar']; //if new avatar is not set if ($_POST['passwd'] != '') - $this->getModel('UsersModel')->changeUserPassword($_GET['id'], sha1($_POST['passwd'])); + $this->getModel('UsersModel')->changeUserPassword($_GET['id'], $user_info['nick'], $_POST['passwd']); $this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']); $this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av); diff --git a/inc/controllers/MainController.class.php b/inc/controllers/MainController.class.php index f4aa952..45117a2 100644 --- a/inc/controllers/MainController.class.php +++ b/inc/controllers/MainController.class.php @@ -39,6 +39,7 @@ class MainController extends Controller public function main() { $this->loadDependencies(); + $this->loadModel('UsersModel'); $this->getView('MainView')->main(); } @@ -538,7 +539,7 @@ class MainController extends Controller if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '') { - if (sha1($_POST['passwd_old']) != $user_info['password']) + if ($this->getModel('UsersModel')->generatePasswordHash($user_info['nick'], $_POST['passwd_old']) != $user_info['password']) $msg .= 'Old password is incorrect!
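Review bot: In the AdminController hunk the new hash is salted from `$user_info['nick']`, yet the statements right after it persist `$_POST['nick']` through updateUserProfile, so an admin rename in the same request leaves the stored hash bound to the old nick while login (which hashes with the submitted nick) computes a different value and locks the user out — and because the existing hash is already nick-dependent this happens even when no new password is entered. Either hash with the nick that is about to be stored, `changeUserPassword($_GET['id'], $_POST['nick'], $_POST['passwd']);`, and force a password reset whenever the nick changes, or, better, drop the nick from the hash input so renames cannot invalidate credentials. `$_GET['id']` is also handed to the model without an integer cast; that predates the commit, but this line is the natural place for `$id = (int) $_GET['id'];`. The enclosing method starts and ends outside the hunk.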
'; } if ($_POST['passwd'] != '') @@ -590,7 +591,7 @@ class MainController extends Controller $av = $user_info['avatar']; //if new avatar is not set if ($_POST['passwd'] != '') - $this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), sha1($_POST['passwd'])); + $this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), $user_info['nick'], $_POST['passwd']); $this->getModel('UsersModel')->updateUserProfile($this->getModel('SessionModel')->getID(), '', $_POST['email'], $_POST['location'], $_POST['signature'], $av); $this->getView('MainView')->forum_message('Your profile has changed.', buildURL('index.php?mode=viewprofile&id='.$this->getModel('SessionModel')->getID())); @@ -627,6 +628,7 @@ class MainController extends Controller { $this->loadDependencies(); $this->loadModel('BansModel'); + $this->loadModel('UsersModel'); if ($this->getModel('SessionModel')->isLogged()) $this->forward(buildURL('index.php')); @@ -636,7 +638,7 @@ class MainController extends Controller { //secure pools $_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick']))); - $_POST['passwd'] = sha1(trim(strip_tags($this->db->real_escape_string($_POST['passwd'])))); + $_POST['passwd'] = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], trim(strip_tags($this->db->real_escape_string($_POST['passwd'])))); $userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']); @@ -700,7 +702,7 @@ class MainController extends Controller if ($msg == '') { - $this->getModel('UsersModel')->createNewUser($_POST['nick'], sha1($_POST['passwd']), $_POST['email']); + $this->getModel('UsersModel')->createNewUser($_POST['nick'], $_POST['passwd'], $_POST['email']); $this->getView('MainView')->forum_message('Your account has created. Log in to write new posts.', buildURL('index.php'), 3); $lockv = true; } 
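Review bot: The old-password check at new line 542 compares the computed digest to `$user_info['password']` with `!=`, a loose comparison that treats two numeric-looking hex strings (for example digests beginning `0e` followed only by digits) as equal and that short-circuits on the first differing byte. Use `if (!hash_equals($user_info['password'], $this->getModel('UsersModel')->generatePasswordHash($user_info['nick'], $_POST['passwd_old'])))` so the check is strict and constant-time; hash_equals needs PHP 5.6+, so fall back to `!==` on older targets. The enclosing method begins and ends outside the hunk.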
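Review bot: In the login hunk (new line 641) the password is passed through `real_escape_string`, `strip_tags` and `trim` before hashing, so a password containing a quote, backslash or `<` hashes differently here than where it was stored from raw `$_POST['passwd']` — the registration hunk at new line 705 hands the value to createNewUser untransformed unless a sanitising step outside the hunk applies the same filters, which I cannot see from here. Now that the model hashes and the digest is hex, escaping the plaintext buys nothing; hash the raw input, `$hash = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], $_POST['passwd']);`, and escape only what is interpolated into SQL. The same applies to the nick, which picks the salt by its length and is escaped here but presumably not identically at registration — confirm both paths feed byte-identical strings into generatePasswordHash. Both enclosing methods start and end outside their hunks.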
diff --git a/inc/models/UsersModel.class.php b/inc/models/UsersModel.class.php index cf7ca69..9f5e987 100644 --- a/inc/models/UsersModel.class.php +++ b/inc/models/UsersModel.class.php @@ -22,6 +22,7 @@ class UsersModel extends Model public function createNewUser($nick, $passwd, $email) { + $passwd = $this->generatePasswordHash($nick, $passwd); $this->db->query('call add_user(\''.$nick.'\', \''.$passwd.'\', \''.$email.'\');'); } @@ -59,8 +60,9 @@ class UsersModel extends Model return $this->user_info; } - public function changeUserPassword($user_id, $passwd) + public function changeUserPassword($user_id, $nick, $passwd) { + $passwd = $this->generatePasswordHash($nick, $passwd); $query = 'UPDATE .'.USERS_TABLE.' SET `password`=\''.$passwd.'\' @@ -128,5 +130,16 @@ class UsersModel extends Model WHERE `user_id` = \''.$user_id.'\''; $this->db->query($query); } + + public function generatePasswordHash($nick, $password) + { + $modulo = strlen($nick) % 8; + + $salt_begin = substr(RANDOM_STRING, $modulo*SALT_LENGTH, SALT_LENGTH-$modulo); + + $salt_end = substr(RANDOM_STRING, $modulo*SALT_LENGTH + SALT_LENGTH-$modulo, $modulo); + + return hash('haval256,5', $salt_begin.$password.$salt_end); + } } ?> \ No newline at end of file
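Review bot: createNewUser still concatenates `$nick` and `$email` directly into `call add_user(...)`, and after this commit the registration path feeds it raw `$_POST['nick']` and `$_POST['email']`, so unless an escaping step I cannot see runs first this is SQL injection through the stored-procedure call. Bind the values instead, e.g. `$stmt = $this->db->prepare('call add_user(?, ?, ?)'); $stmt->bind_param('sss', $nick, $passwd, $email); $stmt->execute();` (mysqli, which the `real_escape_string` calls elsewhere suggest is in use). The digest itself is hex and safe to interpolate, so only the two user-supplied strings need binding.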
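Review bot: generatePasswordHash gives no user a distinct salt: the salt is cut from the fixed `RANDOM_STRING` at an offset chosen by `strlen($nick) % 8`, so only eight salts exist, every user whose nick length shares a remainder gets the same one, identical passwords in that group collide, and the result is a fast haval256 digest that an attacker holding the constant can attack table-style. It also degrades silently when `RANDOM_STRING` is shorter than `8 * SALT_LENGTH` (substr past the end yields an empty salt), and tying the hash to the nick means any rename invalidates the credential. Unless the deployment is pinned below PHP 5.5, use `password_hash`, which stores a random per-user salt and the algorithm parameters inside the hash, and check candidates with `password_verify` rather than comparing digests with `!=`; the login lookup in SessionModel::tryGetUser would then select by nick and verify the candidate, and legacy haval digests can be rehashed on the next successful login. The sketch below keeps the signature so the call sites updated in this commit still compile.
```php
    public function generatePasswordHash($nick, $password)
    {
        // $nick is no longer part of the hash input: password_hash() embeds a random
        // per-user salt, so a rename cannot invalidate the stored credential.
        return password_hash($password, PASSWORD_DEFAULT);
    }

    /**
     * Constant-time check of a candidate password against a stored hash.
     * Call sites should replace `generatePasswordHash(...) != $stored`
     * with `!$this->verifyPassword($candidate, $stored)`.
     */
    public function verifyPassword($password, $stored_hash)
    {
        return password_verify($password, $stored_hash);
    }
```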