diff --git a/conf/create-manager-db.sql b/conf/create-manager-db.sql
index e55833b93e0d4845944f270d360c7e5e89f68ea0..24bc2469b882faf8f465c8d4b3703e87b33f7d7b 100644
--- a/conf/create-manager-db.sql
+++ b/conf/create-manager-db.sql
@@ -2,7 +2,7 @@
 
 CREATE TABLE `testaccounts` (
   `id` bigint(20) NOT NULL auto_increment,
-  `user_password` varchar(50) NOT NULL,
+  `user_password_hash` varchar(50) NOT NULL,
   `creation_date` int default NULL,
   `expiration_date` int default NULL,
   `account_profile` varchar(100) NOT NULL,
diff --git a/lib/IdPAccountManager/Data/Testaccount.pm b/lib/IdPAccountManager/Data/Testaccount.pm
index b5b82387aaf7ddbd49a10101c7659ea8a99dffc8..8c33b1d122aad24bcb0f6b0105496e69e675d3bb 100644
--- a/lib/IdPAccountManager/Data/Testaccount.pm
+++ b/lib/IdPAccountManager/Data/Testaccount.pm
@@ -8,12 +8,12 @@ __PACKAGE__->meta->setup(
     table   => 'testaccounts',
 
     columns => [
-        id              => { type => 'bigserial', not_null => 1 },
-        user_password   => { type => 'varchar', length => 50, not_null => 1 },
-        creation_date   => { type => 'integer' },
-        expiration_date => { type => 'integer' },
-        account_profile => { type => 'varchar', length => 100, not_null => 1 },
-        sp_entityid     => { type => 'varchar', length => 250, not_null => 1 },
+        id                 => { type => 'bigserial', not_null => 1 },
+        user_password_hash => { type => 'varchar', length => 50, not_null => 1 },
+        creation_date      => { type => 'integer' },
+        expiration_date    => { type => 'integer' },
+        account_profile    => { type => 'varchar', length => 100, not_null => 1 },
+        sp_entityid        => { type => 'varchar', length => 250, not_null => 1 },
     ],
 
     primary_key_columns => [ 'id' ],
diff --git a/lib/IdPAccountManager/TestAccount.pm b/lib/IdPAccountManager/TestAccount.pm
index da9ef0ea01412aac2b6a291db4fc74b4c72f0710..b7d43b370e9f6d82c8c6eb3601a13736a3295158 100644
--- a/lib/IdPAccountManager/TestAccount.pm
+++ b/lib/IdPAccountManager/TestAccount.pm
@@ -43,7 +43,13 @@ sub get {
     my $self = shift;
     my $attribute_name = shift;
     
-    return $self->{'persistent'}->$attribute_name;
+    ## User password is not stored in DB
+    if ($attribute_name eq 'user_password') {
+        return $self->{$attribute_name};
+    }else {
+        return $self->{'persistent'}->$attribute_name;
+
+    }
 }
 
 sub save {
@@ -53,7 +59,8 @@ sub save {
     unless (defined $self->{'persistent'}->id) {
         $self->{'persistent'}->creation_date(time);
         $self->{'persistent'}->expiration_date(time + ($IdPAccountManager::Conf::global{'accounts_validity_period'} * 3600 * 24));
-        $self->{'persistent'}->user_password(&IdPAccountManager::Tools::generate_password());
+        $self->{'user_password'} = &IdPAccountManager::Tools::generate_password();
+        $self->{'persistent'}->user_password_hash(&IdPAccountManager::Tools::sha256_hash($self->{'user_password'}));
     }
     
     unless ($self->{'persistent'}->save()) {
@@ -77,8 +84,8 @@ sub print {
     my $self = shift;
     my $fd = shift || \*STDOUT;
     
-    printf $fd "Account ID=%s; password=%s; sp_entityid=%s; account_profile=%s; creation_date=%s; expiration_date=%s\n",
-            $self->get('id'), $self->get('user_password'), $self->get('sp_entityid'), $self->get('account_profile'),
+    printf $fd "Account ID=%s; password_hash=%s; sp_entityid=%s; account_profile=%s; creation_date=%s; expiration_date=%s\n",
+            $self->get('id'), $self->get('user_password_hash'), $self->get('sp_entityid'), $self->get('account_profile'),
             &POSIX::strftime('%Y:%m:%d', localtime($self->get('creation_date'))), &POSIX::strftime('%Y:%m:%d', localtime($self->get('expiration_date')));
 
     return 1.
diff --git a/lib/IdPAccountManager/Tools.pm b/lib/IdPAccountManager/Tools.pm
index e23e1657fa7780e54c3b22a00f07c7fb5c8a5ac4..620d2d3ed10fde754965bbce7c0045024c6466d1 100644
--- a/lib/IdPAccountManager/Tools.pm
+++ b/lib/IdPAccountManager/Tools.pm
@@ -1,10 +1,18 @@
 package IdPAccountManager::Tools;
 
 use Template;
+use Digest::SHA;
 
 my %log_levels = ('debug' => 0, 'info' => 1, 'trace' => 1, 'notice' => 2, 'error' => 3);
 
 
+# get SHA256 hash for a string
+sub sha256_hash {
+    my $s = shift;
+    
+    return &Digest::SHA::sha256_base64($s);
+}
+
 # This function generates a random password
 sub generate_password{
         my $length_of_randomstring=10;# the length of 
diff --git a/templates/accountProfiles/student1.tt2 b/templates/accountProfiles/student1.tt2
index d4aba8cb5764ba277040b54b24a75780631737a9..e60a6efe3289371bb542795ec7b3ac7586623ebe 100644
--- a/templates/accountProfiles/student1.tt2
+++ b/templates/accountProfiles/student1.tt2
@@ -1,4 +1,4 @@
-'user[% account.id %]:[% account.get('user_password') %]' => array(
+'user[% account.get('id') %]:{SHA256}[% account.get('user_password_hash') %]=' => array(
 	'uid' => 'user[% account.get('id') %]',
 	'eduPersonAffiliation' => array('member', 'student'),
 	'eduPersonScopedAffiliation' => array('member@[% conf.idp_scope %]', 'student@[% conf.idp_scope %]'),
diff --git a/templates/accountProfiles/valid-accounts.php.tt2 b/templates/accountProfiles/valid-accounts.php.tt2
index ecb525f1b4d2bb7adef3947a6968662c183ecf00..84e13dad9bfe7f2fd4d749beb6ccad83f4ac33f7 100644
--- a/templates/accountProfiles/valid-accounts.php.tt2
+++ b/templates/accountProfiles/valid-accounts.php.tt2
@@ -1,7 +1,7 @@
 <?php
 // template for a PhP configuration file loaded in simpleSamlPhp authsources.php file
 $validTestAccounts = array (
-    'exampleauth:UserPass',
+    'authcrypt:Hash',
 
 [% FOREACH account IN accounts %]
   [% INCLUDE "${account.get('account_profile')}.tt2" %]