diff --git a/app/models.py b/app/models.py
index 73c538c..0c0dd69 100644
--- a/app/models.py
+++ b/app/models.py
@@ -49,7 +49,7 @@ class VPNAccount(db.Model):
 def __init__(self, username, value, is_expiration=False):
 self.username = username
 self.value = value
- self.attribute = 'Expiration' if is_expiration else 'Cleartext-Password'
+ self.attribute = 'Expiration' if is_expiration else 'NT-Password'
 self.op = ':='
 def save(self):
@@ -58,7 +58,7 @@ def save(self):
 @classmethod
 def get_account_by_email(cls, email):
- return cls.query.filter_by(username=email).filter_by(attribute='Cleartext-Password').first()
+ return cls.query.filter_by(username=email).filter_by(attribute='NT-Password').first()
 @classmethod
 def get_expiration_by_email(cls, email):
@@ -68,7 +68,7 @@ def get_expiration_by_email(cls, email):
 def add(cls, email, password, expiration):
 account = cls.get_account_by_email(email)
 if not account:
- account = cls(email, password)
+ account = cls(email, hash_nt_passwd(password.encode('utf-16le')))
 account.save()
 if not Group.get_group_by_email(email):
 group = Group(email)
@@ -107,7 +107,7 @@ def changepass(cls, email, newpass):
 if not account:
 raise Exception('account not found')
 else:
- account.value = newpass
+ account.value = hash_nt_passwd(newpass.encode('utf-16le'))
 account.save()
@@ -186,6 +186,10 @@ def get_rejected(cls):
 def get_users(cls):
 return cls.query.filter(db.or_(cls.status == 'pass', cls.status == 'banned')).order_by(cls.id).all()
+ def vpnpassword_invisible(self):
+ self.vpnpassword = ""
+ self.save()
+
 def pass_apply(self, is_long=False):
 self.status = 'pass'
 self.expiration = next_semester_end()
diff --git a/app/utils.py b/app/utils.py
index e173983..ccbd518 100644
--- a/app/utils.py
+++ b/app/utils.py
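Review bot: Rows already stored under 'Cleartext-Password' are left unhandled by the attribute switch in `VPNAccount.__init__` (first hunk) and `get_account_by_email` (second hunk). The lookup now filters on 'NT-Password' only, so for an existing account `add` would insert a second row and `changepass` would presumably raise 'account not found', while the old cleartext value stays in the table. No data migration is visible in this diff, so it may be handled elsewhere; if it is not, a one-off migration that rewrites each legacy row to its NT hash and updates its attribute would close the gap. A comment next to the assignment, such as `# legacy 'Cleartext-Password' rows must be migrated before this is deployed`, would record the dependency.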
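Review bot: `hash_nt_passwd` is called in `add` (third hunk) and in `changepass` (fourth hunk), but no import of it into app/models.py is visible in this diff; unless the module already pulls in every name from utils, both calls raise NameError. The UTF-16LE encoding is also repeated at each call site, so a future caller can pass bytes in another encoding and silently store a hash that never matches. Letting the helper take the text password and encode it itself, so the call becomes `hash_nt_passwd(password)`, keeps that rule in one place. The bodies of `add` and `changepass` continue outside their hunks.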
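Review bot: `vpnpassword_invisible` (fifth hunk) saves unconditionally, and the callers added in app/views.py run it on every login and logout of a user whose status is 'pass', so most calls rewrite a field that is already empty. Guarding the body with `if self.vpnpassword:` avoids the redundant write. The method also has no docstring; one line such as `"""Blank the stored VPN password so it can no longer be read from this row."""` would state the intent. The enclosing class starts outside the hunk.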
@@ -1,7 +1,12 @@
 import random
 import string
 import datetime
+import hashlib
+from base64 import b64encode
+def hash_nt_passwd(passwd_utf16le):
+ nt_password = b64encode(hashlib.new('md4', passwd_utf16le).digest())
+ return nt_password
 def random_string(N):
 return ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase + string.digits) for i in range(N))
diff --git a/app/views.py b/app/views.py
index ffff32c..3e676e5 100644
--- a/app/views.py
+++ b/app/views.py
@@ -90,6 +90,8 @@ def login():
 flash('Email not confirmed. Please recover your account at the bottom of this page.', 'error')
 else:
 login_user(user)
+ if user.status == 'pass':
+ user.vpnpassword_invisible()
 return redirect(url_for('index'))
 return render_template('login.html', form=form)
@@ -146,6 +148,8 @@ def cancel():
 @app.route('/logout/', methods=['POST'])
 @login_required
 def logout():
+ if current_user.status == 'pass':
+ current_user.vpnpassword_invisible()
 logout_user()
 return redirect(url_for('login'))
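Review bot: `hash_nt_passwd` in app/utils.py returns the raw result of `b64encode`, which on Python 3 is `bytes`, so the value assigned to `account.value` may be persisted as bytes or as a `b'...'` string depending on the column type (the interpreter version is not visible here); `return nt_password.decode('ascii')` makes the stored form explicit. `hashlib.new('md4', ...)` raises ValueError on builds whose OpenSSL does not enable MD4, so account creation and password change can fail on such hosts and the dependency deserves a test. A docstring should say that the result is the unsalted MD4 NT hash, which is password-equivalent for MS-CHAP-style authentication, so the column needs the same protection as a cleartext secret. It is also worth confirming that whatever consumes the NT-Password attribute accepts a base64 value rather than hex.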
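Review bot: The stored `vpnpassword` is blanked only as a side effect of `login` (this hunk) and `logout` (next hunk), so an approved account whose owner does not log in again keeps the value in the database indefinitely. Clearing it at the point where the password is handed to the user, which is not visible in this diff, would bound its lifetime. In `login` the call runs before the redirect to `index`, so if that page is meant to display the password it will already be empty; presumably intended, but worth confirming. The `status == 'pass'` check is repeated in both views and could move into the model method so the rule lives in one place. `login` starts outside its hunk.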