diff --git a/README.md b/README.md
index 5dad4fb..8c2d040 100644
--- a/README.md
+++ b/README.md
@@ -44,6 +44,7 @@ sudo ./bank
 - **Tamper Proof** relative to an in-game implementation
 - **Auto-Saving**, Saves on crash, Saves on close
 - **HTTPS** (OpenSSL)
+- **Passwords are Hashed**, meaning if the bank is compromised passwords wont be leaked
 ### Accessibility
diff --git a/include/bank.hpp b/include/bank.hpp
index e2147a9..c0d73d8 100644
--- a/include/bank.hpp
+++ b/include/bank.hpp
@@ -53,7 +53,7 @@ public:
 bool DelUser(const std::string &name, const std::string &attempt)
 {
 std::unique_lock lock{size_lock};
- return users.erase_if(name, [&attempt](const User &u) { return (attempt == u.password); });
+ return users.erase_if(name, [&attempt](const User &u) { return (std::hash{}(attempt) == u.password); });
 }
 bool AdminDelUser(const std::string &name, const std::string &attempt)
 {
@@ -74,7 +74,7 @@ public:
 bool state = false;
 std::shared_lock lock{send_funds_l}; //because SendFunds requires 3 locking operations
 users.modify_if(a_name, [&state, amount, &attempt](User &a) {
- if (state = (a.balance >= amount) && (a.password == attempt), state)
+ if (state = (a.balance >= amount) && (a.password == std::hash{}(attempt)), state)
 {
 a.balance -= amount;
 }
@@ -125,7 +125,7 @@ public:
 {
 int_fast8_t res = -1;
 users.if_contains(name, [&res, &attempt](const User &u) {
- res = u.password == attempt;
+ res = u.password == std::hash{}(attempt);
 });
 return res;
 }
@@ -133,10 +133,10 @@ public:
 {
 int_fast8_t res = -1;
 users.modify_if(name, [&res, &attempt, &new_pass](User &u) {
- res = (u.password == attempt);
+ res = (u.password == std::hash{}(attempt));
 if (res)
 {
- u.password = new_pass;
+ u.password = std::hash{}(new_pass);
 }
 });
 return res;
diff --git a/include/user.hpp b/include/user.hpp
index df833af..b3fb45a 100644
--- a/include/user.hpp
+++ b/include/user.hpp
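Review bot: `std::hash{}(attempt)` in DelUser's lambda (and the identical comparison in the SendFunds, password-check and password-change hunks at @@ -74, @@ -125 and @@ -133) is not a password hash: `std::hash<std::string>` is a fast, unsalted, non-cryptographic function whose output fits in a `size_t`, so an attacker holding the stored values can test guesses offline at full speed and the README's new claim that a compromised bank will not leak passwords is overstated. As written the expression also has no template argument, which does not compile in C++17 unless `<std::string>` was stripped by the page rendering. Because the project already links OpenSSL, a salted, deliberately slow derivation such as `PKCS5_PBKDF2_HMAC` with `EVP_sha256()` and a per-user random salt (or `EVP_PBE_scrypt`) should replace it, with the four call sites reduced to one member of User, e.g. `return users.erase_if(name, [&attempt](const User &u) { return u.VerifyPassword(attempt); });`, where the helper compares digests with `CRYPTO_memcmp`. DelUser is complete within the hunk; the enclosing class continues outside it.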
@@ -5,14 +5,14 @@ struct User
 {
 uint_fast32_t balance = 0;
- std::string password;
+ size_t password;
 /**
 * @brief User constructor
 *
 * @param init_pass initial password
 */
- User(std::string &&init_pass) : password(init_pass) {}
+ User(std::string &&init_pass) : password(std::hash{}(init_pass)) {}
 /**
 * @brief User Constructor for admins
@@ -20,7 +20,7 @@ struct User
 * @param init_bal initial balance
 * @param init_pass initial password
 */
- User(uint_fast32_t init_bal, std::string &&init_pass) : balance(init_bal), password(init_pass) {}
+ User(uint_fast32_t init_bal, std::string &&init_pass) : balance(init_bal), password(std::hash{}(init_pass)) {}
 Json::Value Serialize() const
 {
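Review bot: Storing the credential as `size_t password` persists a `std::hash` value whose algorithm is implementation-defined and not guaranteed stable across standard-library versions or platforms, so a save written by one build can fail every password check after a toolchain change; the admin constructor in the @@ -20 hunk has the same issue. `Serialize()` begins on the hunk's last lines and its body, like whatever deserializes users, is outside the hunk — it needs to be confirmed to round-trip the new numeric field, and existing saves holding plaintext passwords will presumably no longer load as before. A per-user salt plus a fixed-size digest from a real KDF (the project already uses OpenSSL) serializes cleanly as two hex or base64 strings and keeps verification inside User; a sketch follows, needing `<array>`, `<openssl/evp.h>`, `<openssl/rand.h>` and `<openssl/crypto.h>`, with the iteration count a constructed placeholder to tune. The struct's remaining members continue past the hunk.
```cpp
struct User
{
    uint_fast32_t balance = 0;
    // Per-user random salt and PBKDF2-HMAC-SHA256 digest; replaces the std::hash value,
    // which is fast, unsalted and not stable across standard-library implementations.
    std::array<unsigned char, 16> salt{};
    std::array<unsigned char, 32> password_hash{};
    // Constructed placeholder -- tune to the deployment's latency budget.
    static constexpr int kPbkdf2Iterations = 600000;

    /**
     * @brief User constructor
     *
     * @param init_pass initial password
     */
    User(std::string &&init_pass) { SetPassword(init_pass); }

    /// Derives a fresh salt and digest from @p pass; returns false on RNG/KDF failure,
    /// leaving the zero digest in place so no attempt can verify (fails closed).
    bool SetPassword(const std::string &pass)
    {
        if (RAND_bytes(salt.data(), static_cast<int>(salt.size())) != 1)
            return false;
        return PKCS5_PBKDF2_HMAC(pass.data(), static_cast<int>(pass.size()), salt.data(),
                                 static_cast<int>(salt.size()), kPbkdf2Iterations, EVP_sha256(),
                                 static_cast<int>(password_hash.size()), password_hash.data()) == 1;
    }

    /// Re-derives @p attempt under the stored salt and compares in constant time.
    bool VerifyPassword(const std::string &attempt) const
    {
        std::array<unsigned char, 32> candidate{};
        if (PKCS5_PBKDF2_HMAC(attempt.data(), static_cast<int>(attempt.size()), salt.data(),
                              static_cast<int>(salt.size()), kPbkdf2Iterations, EVP_sha256(),
                              static_cast<int>(candidate.size()), candidate.data()) != 1)
            return false;
        return CRYPTO_memcmp(candidate.data(), password_hash.data(), candidate.size()) == 0;
    }
    // … unchanged: admin constructor (should call SetPassword), Serialize …
```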