diff --git a/pom.xml b/pom.xml
index bd0ed16fde8321eb963ad6e73a9dbc61bc8f11f2..4d72f91af3adcb8d61c825f443f5b98259d70468 100644
--- a/pom.xml
+++ b/pom.xml
@@ -38,7 +38,11 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
-
+		<dependency>
+			<groupId>org.mindrot</groupId>
+			<artifactId>jbcrypt</artifactId>
+			<version>0.4</version>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>
diff --git a/src/main/java/com/cloudcomputing/todo/mapper/UserMapper.java b/src/main/java/com/cloudcomputing/todo/mapper/UserMapper.java
index 8f0a9164c52d94df651ef4dd56fed3acbf7fca1b..99697985fd2b63dbd441c5ed906478077e1a316e 100644
--- a/src/main/java/com/cloudcomputing/todo/mapper/UserMapper.java
+++ b/src/main/java/com/cloudcomputing/todo/mapper/UserMapper.java
@@ -4,6 +4,7 @@ import com.cloudcomputing.todo.dto.UserDTO;
 import com.cloudcomputing.todo.entity.User;
 import com.cloudcomputing.todo.service.UserService;
 import org.springframework.stereotype.Component;
+import org.mindrot.jbcrypt.BCrypt;
 
 @Component
 public class UserMapper {
@@ -22,7 +23,7 @@ public class UserMapper {
         User user = new User();
         user.setUserId(userDTO.getUserId());
         user.setUserName(userDTO.getUserName());
-        user.setPasswordHash(saltAndHashPassword(userDTO.getUserName(), userDTO.getPassword()));
+        user.setPasswordHash(BCrypt.hashpw(userDTO.getPassword(), BCrypt.gensalt()));
         return user;
     }
 
@@ -31,7 +32,7 @@ public class UserMapper {
     * helper method for salting and hashing
     *
      */
-
+    /*
     //salts and hashes password by byte values
     public String saltAndHashPassword(String userName, String pw) {
         //turn username into byte-array to use as unique salt
@@ -53,4 +54,6 @@ public class UserMapper {
 
         return saltAsString + passwordAsString;
     }
+        */
+
 }
diff --git a/src/main/java/com/cloudcomputing/todo/util/CustomAuthenticator.java b/src/main/java/com/cloudcomputing/todo/util/CustomAuthenticator.java
index 2ec9d4d35cc9338996b21f86d2665c85984360d1..4cc2b10db590c7aa4b882b738556a163eb051b96 100644
--- a/src/main/java/com/cloudcomputing/todo/util/CustomAuthenticator.java
+++ b/src/main/java/com/cloudcomputing/todo/util/CustomAuthenticator.java
@@ -8,6 +8,7 @@ import jakarta.servlet.http.HttpSession;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Component;
+import org.mindrot.jbcrypt.BCrypt;
 
 @Component
 public class CustomAuthenticator {
@@ -24,8 +25,9 @@ public class CustomAuthenticator {
 
         if (user != null) {
             expectedHash = user.getPasswordHash();
+            return BCrypt.checkpw(userDTO.getPassword(), expectedHash);
         }
 
-        return userMapper.saltAndHashPassword(userDTO.getUserName(), userDTO.getPassword()).equals(expectedHash);
+        return false;
     }
 }