diff --git a/flaschengeist/system/models/accessToken.py b/flaschengeist/system/models/accessToken.py
index e9a3546..396c5ad 100644
--- a/flaschengeist/system/models/accessToken.py
+++ b/flaschengeist/system/models/accessToken.py
@@ -2,6 +2,8 @@ from datetime import datetime
 from ..database import db
 from flask import current_app
 from werkzeug.local import LocalProxy
+from secrets import compare_digest
+
 logger = LocalProxy(lambda: current_app.logger)
 class AccessToken(db.Model):
@@ -52,7 +54,7 @@ class AccessToken(db.Model):
 return dic
 def __eq__(self, token):
- return self.token == token
+ return compare_digest(self.token, token)
 def __sub__(self, other):
 return other - self.timestamp
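Review bot: `compare_digest` raises `TypeError` unless both arguments are `str` (ASCII only) or both bytes-like, so the new `__eq__` can throw where `self.token == token` used to return a bool, for example when the other operand is `None`, another `AccessToken`, or a client-supplied string containing non-ASCII characters. I would guard the type and compare bytes: `if not isinstance(token, str): return NotImplemented` followed by `return compare_digest(self.token.encode(), token.encode())`. The constant-time comparison only helps on paths that actually reach `__eq__` with the presented value; if the token is looked up with a database equality filter elsewhere (not visible in this hunk), that path is unaffected. The rest of the `AccessToken` class lies outside the hunk, so whether `__hash__` is defined alongside `__eq__` cannot be checked here.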