diff --git a/Taskfile.yml b/Taskfile.yml index 860ebb4..a3dbd81 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -2,14 +2,14 @@ version: "3" env: HBOX_STORAGE_SQLITE_URL: .data/homebox.db?_fk=1 - + UNSAFE_DISABLE_PASSWORD_PROJECTION: "yes_i_am_sure" tasks: setup: desc: Install dependencies cmds: - - go install github.com/swaggo/swag/cmd/swag@latest - - cd backend && go mod tidy - - cd frontend && pnpm install --shamefully-hoist + - go install github.com/swaggo/swag/cmd/swag@latest + - cd backend && go mod tidy + - cd frontend && pnpm install --shamefully-hoist generate: desc: | Generates collateral files from the backend project diff --git a/backend/app/api/v1/controller.go b/backend/app/api/v1/controller.go index 6cc8069..ed1f3f7 100644 --- a/backend/app/api/v1/controller.go +++ b/backend/app/api/v1/controller.go @@ -33,6 +33,8 @@ type V1Controller struct { } type ( + ReadyFunc func() bool + Build struct { Version string `json:"version"` Commit string `json:"commit"` @@ -53,7 +55,6 @@ func BaseUrlFunc(prefix string) func(s string) string { return func(s string) string { return prefix + "/v1" + s } - } func NewControllerV1(svc *services.AllServices, options ...func(*V1Controller)) *V1Controller { @@ -69,8 +70,6 @@ func NewControllerV1(svc *services.AllServices, options ...func(*V1Controller)) return ctrl } -type ReadyFunc func() bool - // HandleBase godoc // @Summary Retrieves the basic information about the API // @Tags Base diff --git a/backend/pkgs/hasher/password.go b/backend/pkgs/hasher/password.go index f7cca4d..64e88b2 100644 --- a/backend/pkgs/hasher/password.go +++ b/backend/pkgs/hasher/password.go 
@@ -1,13 +1,37 @@
 package hasher

-import "golang.org/x/crypto/bcrypt"
+import (
+ "fmt"
+ "os"
+
+ "golang.org/x/crypto/bcrypt"
+)
+
+var enabled = true
+
+func init() {
+ disableHas := os.Getenv("UNSAFE_DISABLE_PASSWORD_PROJECTION") == "yes_i_am_sure"
+
+ if disableHas {
+ fmt.Println("WARNING: Password projection is disabled. This is unsafe in production.")
+ enabled = false
+ }
+}

 func HashPassword(password string) (string, error) {
+ if !enabled {
+ return password, nil
+ }
+
 bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
 return string(bytes), err
 }

 func CheckPasswordHash(password, hash string) bool {
+ if !enabled {
+ return password == hash
+ }
+
 err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
 return err == nil
 }
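Review bot: With the flag set, `HashPassword` returns the password unchanged and `CheckPasswordHash` falls back to `password == hash`, so every credential written in that mode is stored in plaintext and, on a database that already holds bcrypt hashes, the stored hash string itself would be accepted as the password. The switch is read from the process environment in a package-level `init()` and announced only by `fmt.Println` on stdout, which makes it easy for a deployment to inherit the variable unnoticed; the Taskfile hunk in this commit sets it in the top-level `env:` block, which appears to apply to every task rather than only the local dev run. I would keep the bypass out of release builds (for example behind a build tag or an explicit development-mode configuration check), send the warning through the application logger, and compare with `subtle.ConstantTimeCompare([]byte(password), []byte(hash)) == 1` instead of `==`. The changed behaviour is also undocumented: a comment such as `// HashPassword returns the bcrypt hash of password (cost 14), or the password itself when hashing has been disabled for development.` would help, and `disableHas` and `PROJECTION` look like typos for `disableHash` and `PROTECTION`.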