diff --git a/sqli/dao/user.py b/sqli/dao/user.py
index c663ddc3..5d164058 100644
--- a/sqli/dao/user.py
+++ b/sqli/dao/user.py
@@ -1,4 +1,4 @@
-from hashlib import md5
+from cryptography.hazmat.primitives import hashes
 from typing import NamedTuple, Optional
 from aiopg import Connection
@@ -38,4 +38,6 @@ async def get_by_username(conn: Connection, username: str):
 return User.from_raw(await cur.fetchone())
 def check_password(self, password: str):
- return self.pwd_hash == md5(password.encode('utf-8')).hexdigest()
+ digest = hashes.Hash(hashes.SHA384())
+ digest.update(password.encode('utf-8'))
+ return self.pwd_hash == digest.finalize().hex()
\ No newline at end of file
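Review bot: `check_password` still compares against a single unsalted pass of a fast hash, so replacing MD5 with SHA-384 does little to slow offline guessing of the stored `pwd_hash` values if the table is ever disclosed; the check should verify against a password KDF with a per-user salt and a work factor (for example `Scrypt` or `PBKDF2HMAC` under `cryptography.hazmat.primitives.kdf`, or the standard library's `hashlib.scrypt`). Rows that already hold MD5 hex digests will stop matching once this lands, and no migration or rehash-on-login path is visible in the diff, so that presumably has to be handled elsewhere. The `==` on the last added line is also not a constant-time comparison; `return hmac.compare_digest(self.pwd_hash, digest.finalize().hex())` would be the safer form. The class that owns `check_password` starts outside the hunk.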