diff --git a/includes/login.inc b/includes/login.inc
index c6a20d5..fb691df 100644
--- a/includes/login.inc
+++ b/includes/login.inc
@@ -13,7 +13,8 @@ else if (isset($_POST['do']) == "authenticate")
 
     # Attempt login
 	require "dbconnect.php";
- 	$sql = "SELECT id,username FROM blog_users WHERE username='$_POST[username]' and password=PASSWORD('$_POST[password]')";
+    $pass = md5($_POST['password']);
+ 	$sql = "SELECT id,username FROM blog_users WHERE username='$_POST[username]' and password='$pass'";
 	$result = mysql_query($sql) or die (mysql_error());
 
     #	echo "Results: " . mysql_num_rows($result); // Debugging line
diff --git a/install.php b/install.php
index 484f4f2..bfd64ba 100644
--- a/install.php
+++ b/install.php
@@ -5,8 +5,18 @@ include "includes/config.php";
 ?>
 
 <h1>Installer</h1>
+<form method="post" action="<?php $_SERVER[PHP_SELF] ?>">
+Desired password for admin: <input type="password" name="password">
+<br />
+<input type="submit" value="Create admin">
+</form>
 
 <?php
+if (!isset($_POST['password']))
+{
+    die("No password entered yet");
+}
+$pw = md5($_POST['password']);
 
 # Test connection to database server
 $link = mysql_connect($host, $user, $password)
@@ -20,28 +30,37 @@ mysql_select_db($database)
 $sql = "CREATE TABLE `blog` (`postnumber` int(11) NOT NULL AUTO_INCREMENT,`date` date NOT NULL,`title` text COLLATE utf8_unicode_ci NOT NULL,`posttext` text COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`postnumber`)) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;";
 #$result = mysql_query($sql) or die (mysql_error());
 $result = mysql_query($sql);
-if (mysql_error()) {
+if (mysql_error()) 
+{
 	echo mysql_error() . ".<br />";
-} else {
+} 
+else 
+{
 	echo "Table 'Blog' created successfully.<br />";
 }
 
 # Try to create 'blog_users' table
-$sql = "CREATE TABLE `blog_users` (`id` int(11) NOT NULL AUTO_INCREMENT,`username` varchar(20) NOT NULL,`name` varchar(40) NOT NULL,`password` varchar(64) NOT NULL,`session` int(64), PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;";
+$sql = "CREATE TABLE `blog_users` (`id` int(11) NOT NULL AUTO_INCREMENT,`username` varchar(20) UNIQUE NOT NULL,`name` varchar(40) NOT NULL,`password` varchar(64) NOT NULL,`session` int(64), PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;";
 $result = mysql_query($sql);
-if (mysql_error()) {
+if (mysql_error()) 
+{
         echo mysql_error() . ".<br />";
-} else {
+} 
+else 
+{
 	echo "Table 'Users' created successfully.<br />";
 }
 
 # Try to create 'admin' user
-$sql = "INSERT INTO `blog_users` (`id`, `username`, `name`, `password`, `session`) VALUES (NULL, 'admin', 'Admin', PASSWORD('admin'), NULL);";
+$sql = "INSERT INTO `blog_users` (`id`, `username`, `name`, `password`, `session`) VALUES (NULL, 'admin', 'Admin', '$pw', NULL);";
 $result = mysql_query($sql);
-if (mysql_error()) {
-        echo "User 'admin' already exists.<br />";
-} else {
-        echo "User 'admin/admin' created successfully.<br />";
+if (mysql_error()) 
+{
+        echo mysql_error() . ".<br/>";
+} 
+else 
+{
+        echo "User 'admin' created successfully.<br />";
 }
 
 end_html();