diff --git a/winixd/core/crypt.cpp b/winixd/core/crypt.cpp
index b552e87..3a0932d 100644
--- a/winixd/core/crypt.cpp
+++ b/winixd/core/crypt.cpp
@@ -335,10 +335,13 @@ void Crypt::PassHashCrypt(const std::wstring & salt, const std::wstring & path_t
 }
 
 
-
+/*
+ * we hashing user.password, may it would be better to get the password as a seperate argument?
+ */
 void Crypt::PassHashCrypt(User & user)
 {
 	user.pass_type = config->pass_type;
+	ClearString(user.pass_encrypted);
 	empty.clear();
 
 	if( config->pass_hash_use_salt && !config->pass_hash_salt.empty() )