diff --git a/src/client_server/session.rs b/src/client_server/session.rs
index 2edb71e..3cbd91c 100644
--- a/src/client_server/session.rs
+++ b/src/client_server/session.rs
@@ -184,9 +184,8 @@ pub async fn login_route(
                 println!("user_id: {}", user_id);
 
                 if !db.users.exists(&user_id)? {
-                    // TODO None?
-                    db.users
-                        .create(&user_id, Some("00000000000000000000000000000000000000000"))?; // TODO
+                    let random_password = crate::utils::random_string(TOKEN_LENGTH);
+                    db.users.create(&user_id, Some(&random_password))?;
                     db.account_data.update(
                         None,
                         &user_id,