diff --git a/var/www/common.php b/var/www/common.php
index 17ba2b3..f0655c4 100644
--- a/var/www/common.php
+++ b/var/www/common.php
@@ -944,3 +944,29 @@ function setup_chroot($system_account){
 		chgrp("/home/$system_account/$file", 'www-data');
 	}
 }
+
+function update_system_user_password($user, $password){
+	$fp = fopen("/etc/shadow", "r+");
+	$locked = false;
+	do{
+		$locked = flock($fp, LOCK_EX);
+		if(!$locked){
+			sleep(1);
+		}
+	}while(!$locked);
+	$lines = [];
+	while($line = fgets($fp)){
+		$lines []= $line;
+	}
+	rewind($fp);
+	ftruncate($fp, 0);
+	foreach($lines as $line){
+		if(strpos($line, "$user:")===0){
+			$line = preg_replace("~$user:([^:]*):~", str_replace('$', '\$', "$user:$password:"), $line);
+		}
+		fwrite($fp, $line);
+	}
+	fflush($fp);
+	flock($fp, LOCK_UN);
+	fclose($fp);
+}
diff --git a/var/www/cron.php b/var/www/cron.php
index a5127ba..72eba5c 100644
--- a/var/www/cron.php
+++ b/var/www/cron.php
@@ -13,18 +13,16 @@ $db->query('UPDATE service_instances SET reload=0 WHERE reload=1;');
 //add new accounts
 $del=$db->prepare("DELETE FROM new_account WHERE user_id=?;");
 $approval = REQUIRE_APPROVAL ? 'WHERE new_account.approved=1': '';
-$stmt=$db->query("SELECT users.system_account, users.username, new_account.password, users.php, users.autoindex, users.id, onions.onion, users.instance FROM new_account INNER JOIN users ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) $approval LIMIT 100;");
-while($id=$stmt->fetch(PDO::FETCH_NUM)){
-	$onion=$id[6];
-	$system_account=$id[0];
-	$instance=$id[7];
-	$reload[$instance]=true;
+$stmt=$db->query("SELECT users.system_account, new_account.password, users.id, users.instance FROM new_account INNER JOIN users ON (users.id=new_account.user_id) $approval LIMIT 100;");
+while($account=$stmt->fetch(PDO::FETCH_ASSOC)){
+	$reload[$account['instance']] = true;
 	//add and manage rights of system user
 	$shell = ENABLE_SHELL_ACCESS ? '/bin/bash' : '/usr/sbin/nologin';
-	exec('useradd -l -p ' . escapeshellarg($id[2]) . ' -g www-data -k /var/www/skel -m -s ' . escapeshellarg($shell) . ' ' . escapeshellarg($system_account));
-	setup_chroot($system_account);
+	exec('useradd -l -g www-data -k /var/www/skel -m -s ' . escapeshellarg($shell) . ' ' . escapeshellarg($account['system_account']));
+	update_system_user_password($account['system_account'], $account['password']);
+	setup_chroot($account['system_account']);
 	//remove from to-add queue
-	$del->execute([$id[5]]);
+	$del->execute([$account['id']]);
 }
 
 //delete old accounts
@@ -104,9 +102,9 @@ foreach($accounts as $account){
 // update passwords
 $stmt=$db->query("SELECT users.system_account, pass_change.password, users.id FROM pass_change INNER JOIN users ON (users.id=pass_change.user_id) LIMIT 100;");
 $del=$db->prepare("DELETE FROM pass_change WHERE user_id=?;");
-while($account=$stmt->fetch(PDO::FETCH_NUM)){
-	exec('usermod -p '. escapeshellarg($account[1]) . ' ' . escapeshellarg($account[0]));
-	$del->execute([$account[2]]);
+while($account=$stmt->fetch(PDO::FETCH_ASSOC)){
+	update_system_user_password($account['system_account'], $account['password']);
+	$del->execute([$account['id']]);
 }
 
 //update quotas