diff --git a/server/router/passwordresetroute/controller.go b/server/router/passwordresetroute/controller.go
index 0329b1c..b6dc289 100644
--- a/server/router/passwordresetroute/controller.go
+++ b/server/router/passwordresetroute/controller.go
@@ -118,6 +118,12 @@ func (c *controller) handleResetComplete(ctx echo.Context) error {
 		return routeutils.ResponseAPIPasswordResetFailed(ctx, "No password")
 	}
 
+	pass, err := b64.StdEncoding.DecodeString(user.Pass)
+	if err != nil {
+		return routeutils.ResponseAPIPasswordResetFailed(ctx, "Invalid password", false)
+	}
+	user.Pass = string(pass)
+
 	passwordResetEntry, err := c.svc.PasswordReset.GetByToken(userToken)
 	if err != nil || len(passwordResetEntry.Token) < 1 || passwordResetEntry.Expires.Before(time.Now()) || passwordResetEntry.Used == true {
 		return routeutils.ResponseAPIPasswordResetFailed(ctx, "Token error")