diff --git a/main.go b/main.go
index 9d93de9..71b5eb3 100644
--- a/main.go
+++ b/main.go
@@ -1325,7 +1325,7 @@ func main() {
 state := c.Request.URL.Query().Get("state")
 nonce := c.Request.URL.Query().Get("nonce")
 deny := c.Request.URL.Query().Get("deny")
- sessionKey, err := c.Cookie("secretKey")
+ sessionKey, err := c.Cookie("session")
 if err == nil {
 if errors.Is(err, http.ErrNoCookie) || sessionKey == "" {
 sessionKey = c.Request.URL.Query().Get("session")
diff --git a/static/js/login.js b/static/js/login.js
index a2cbe7a..2998212 100644
--- a/static/js/login.js
+++ b/static/js/login.js
@@ -168,7 +168,7 @@ nextButton.addEventListener("click", async () => {
 method: "POST",
 body: JSON.stringify({
 username: username,
- password: hashpassold(password),
+ password: await hashpassold(password),
 modern: false
 }),
 headers: {
@@ -237,4 +237,4 @@ document.getElementById("privacyButton").addEventListener("click", function(even
 function toSignup() {
 window.location.href = "/signup" + window.location.search;
-}
\ No newline at end of file
+}
diff --git a/static/js/main.js b/static/js/main.js
index 66f7156..118abf7 100644
--- a/static/js/main.js
+++ b/static/js/main.js
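Review bot: In the context lines right after the renamed cookie lookup in main.go, `errors.Is(err, http.ErrNoCookie)` is tested inside `if err == nil`, so that half of the condition can never be true and the query-string fallback only runs when the cookie exists but is empty. When the cookie is missing altogether the lookup returns an error and this branch is skipped, which looks like it leaves the `session` query parameter unread. If that is not intended, replacing the two nested checks with `if err != nil || sessionKey == "" {` would cover both cases. The block continues past the end of the hunk, so an `else` that handles the missing-cookie case may exist out of view. Accepting the session secret from the URL also puts it in access logs and browser history, so the fallback should stay as narrow as possible.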
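Review bot: In the first login.js hunk the `await` now sits inside the `JSON.stringify` argument, so a rejection from `hashpassold` surfaces in the middle of building the request. Hoisting it ahead of the request, `const legacyHash = await hashpassold(password);`, and passing `password: legacyHash` keeps the failure path separate and easier to read. Before this change the pending Promise would have been serialized as `{}`, so it is worth confirming that the server-side legacy login rejects a non-string `password` rather than trying to compare it. The click handler starts and ends outside the hunk, so any existing error handling around this call cannot be seen here.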
@@ -52,12 +52,12 @@ function oauth() {
 const expireTime = now.getTime() + (21 * 1000);
 let expires = new Date(expireTime).toUTCString();
 if (navigator.cookieEnabled) {
- document.cookie = "DONOTSHARE-secretkey=" + secret_key + "; expires=" + expires + "; path=/";
+ document.cookie = "session=" + secret_key + "; expires=" + expires + "; path=/";
 window.location.replace("/api/auth?client_id=" + client_id + "&redirect_uri=" + redirect_uri + "&code_challenge_method=" + codemethod + "&code_challenge=" + code + "&state=" + state + "&nonce=" + nonce + "&deny=false");
 } else {
 document.getElementById("statusBox").textContent = "Warning! Because cookies are disabled, your access token is sent directly in the URL. This is less secure than using cookies, but you chose this path!";
 setTimeout(() => {
- window.location.replace("/api/auth?client_id=" + client_id + "&redirect_uri=" + redirect_uri + "&code_challenge_method=" + codemethod + "&code_challenge=" + code + "&state=" + state + "&nonce=" + nonce + "&deny=false&access_token=" + secret_key);
+ window.location.replace("/api/auth?client_id=" + client_id + "&redirect_uri=" + redirect_uri + "&code_challenge_method=" + codemethod + "&code_challenge=" + code + "&state=" + state + "&nonce=" + nonce + "&deny=false&session=" + secret_key);
 }, 200);
 }
 }
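Review bot: The renamed `session` cookie is written with only `expires` and `path`, so it carries no `Secure` or `SameSite` attribute and would also be sent over plain HTTP and on cross-site requests during its lifetime. Assuming the site is served over HTTPS, the line could end `+ "; path=/; Secure; SameSite=Strict";`. In both `window.location.replace` calls the values are concatenated into the query string unescaped; wrapping each in `encodeURIComponent(...)`, in particular `secret_key` and `redirect_uri`, would stop a `&` or `#` in a value from altering the request. The cookies-disabled branch still places the session secret in the URL, where it reaches server logs and browser history, so a short comment stating that the server must treat that value as single-use or short-lived would help. The body of `oauth()` begins outside the hunk.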