diff --git a/simple_websockets/Makefile b/simple_websockets/Makefile
index 24f9659..0f5074f 100644
--- a/simple_websockets/Makefile
+++ b/simple_websockets/Makefile
@@ -1,5 +1,5 @@
 PROGRAM = websocktest
-LDFLAGS = $(shell pkg-config --libs libwebsockets) -lpthread
+LDFLAGS = $(shell pkg-config --libs libwebsockets) -lpthread -lcrypto
 SRCS = main.c que.c
 CC = gcc
 DEFINES += -DEBUG
diff --git a/simple_websockets/main.c b/simple_websockets/main.c
index 05cc89b..4c9613f 100644
--- a/simple_websockets/main.c
+++ b/simple_websockets/main.c
@@ -27,6 +27,7 @@
 #include <pthread.h>
 #include <sys/prctl.h>
 #include <time.h>
+#include <openssl/md5.h>
 
 #include "dbg.h"
 #include "que.h"
@@ -37,6 +38,9 @@
 
 char *client_IP = NULL; // IP of first connected client
 volatile int stop = 0;
+const char *passhash = "1a1dc91c907325c69271ddf0c944bc72"; // "pass"
+char *pwencrypted;
+
 pthread_mutex_t command_mutex, ip_mutex;
 
 static void interrupt(_U_ int signo) {
@@ -53,17 +57,62 @@ int ws_write(struct lws *wsi_in, char *str){
 	if(len > MESSAGE_LEN) len = MESSAGE_LEN;
 	memcpy(buf + LWS_SEND_BUFFER_PRE_PADDING, str, len);
 	n = lws_write(wsi_in, buf + LWS_SEND_BUFFER_PRE_PADDING, len, LWS_WRITE_TEXT);
-	DBG("write %s\n", str);
+	//DBG("write %s\n", str);
 	return n;
 }
 
-void websig(char *command){
+void websig(char *command, control_data *dat){
 	/*while(data_in_buf);
 	pthread_mutex_lock(&command_mutex);
 	strncpy(cmd_buf, command, CMDBUFLEN);
 	data_in_buf = 1;
 	pthread_mutex_unlock(&command_mutex);*/
-	DBG("get message: %s\n", command);
+	DBG("got message: %s\n", command);
+	if(dat->state == SALT_SENT){
+		if(strcmp(command, pwencrypted) == 0){ // pass OK
+			dat->state = VERIFIED;
+			put_message_to_que("authOK", dat);
+		}else{ // wrong password
+			put_message_to_que("badpass", dat);
+		}
+	}
+}
+
+char *str2md5(const char *str) {
+	int n;
+	MD5_CTX c;
+	unsigned char digest[16];
+	static char out[33] = {0};
+	size_t length = strlen(str);
+	if(length > 512) length = 512;
+	MD5_Init(&c);
+	MD5_Update(&c, str, length);
+	MD5_Final(digest, &c);
+	for (n = 0; n < 16; ++n) {
+		snprintf(&(out[n*2]), 3, "%02x", (unsigned int)digest[n]);
+	}
+	return out;
+}
+
+
+char *gensalt(){
+	static char buf[38] = "pwhash";
+	char salt_and_pass[64];
+	int i;
+	for(i = 6; i < 38; ++i){
+		char r = rand() % 26;
+		if(rand() & 1)
+			r += 'a';
+		else
+			r += 'A';
+		buf[i] = r;
+	}
+	DBG("gen: %s", buf);
+	strcpy(salt_and_pass, &buf[6]);
+	strcat(salt_and_pass, passhash);
+	pwencrypted = str2md5(salt_and_pass);
+	DBG("salt + pass: %s", pwencrypted);
+	return buf;
 }
 
 static int control_callback(struct lws *wsi,
@@ -89,6 +138,8 @@ static int control_callback(struct lws *wsi,
 			if(!client_IP){
 				client_IP = strdup(client_ip);
 				DBG("new connection");
+				dat->state = SALT_SENT;
+				put_message_to_que(gensalt(), dat); // send "pwhash" + salt
 			}else{
 				char buf[256];
 				snprintf(buf, 255, "Already connected from %s. Please, disconnect.", client_IP);
@@ -104,15 +155,15 @@ static int control_callback(struct lws *wsi,
 		case LWS_CALLBACK_SERVER_WRITEABLE:
 			if(dat->num)
 				parse_que_msg(dat);
-			if(!dat->already_connected && global_que.num)
-				parse_que_msg(&global_que);
+			if(dat->state == VERIFIED && !dat->already_connected && global_que.num)
+					parse_que_msg(&global_que);
 			usleep(500);
 			lws_callback_on_writable(wsi);
 			return 0;
 		break;
 		case LWS_CALLBACK_RECEIVE:
 			if(!dat->already_connected)
-				websig(msg);
+				websig(msg, dat);
 		break;
 		case LWS_CALLBACK_CLOSED:
 			DBG("closed\n");
@@ -209,6 +260,7 @@ int main(void) {
 	signal(SIGTERM, interrupt);
 	signal(SIGQUIT, SIG_IGN);
 	signal(SIGTSTP, SIG_IGN);
+	srand(time(NULL));
 	while(1){
 		if(stop) return 0;
 		pid_t childpid = fork();
diff --git a/simple_websockets/que.h b/simple_websockets/que.h
index 1691ab6..e571c9b 100644
--- a/simple_websockets/que.h
+++ b/simple_websockets/que.h
@@ -26,12 +26,19 @@
 #define MESSAGE_QUE_SIZE   (16)
 
 
+typedef enum{
+	UNDEFINED = 0,
+	SALT_SENT,
+	VERIFIED,
+}client_state;
+
 typedef struct {
 	int num;
 	int idxwr;
 	int idxrd;
 	char message[MESSAGE_QUE_SIZE][MESSAGE_LEN];
 	int already_connected;
+	client_state state;
 } control_data;
 
 extern char que[];
diff --git a/simple_websockets/www/fastermd5.js b/simple_websockets/www/fastermd5.js
new file mode 100644
index 0000000..6876bc3
--- /dev/null
+++ b/simple_websockets/www/fastermd5.js
@@ -0,0 +1,184 @@
+function md5cycle(x, k) {
+var a = x[0], b = x[1], c = x[2], d = x[3];
+
+a = ff(a, b, c, d, k[0], 7, -680876936);
+d = ff(d, a, b, c, k[1], 12, -389564586);
+c = ff(c, d, a, b, k[2], 17,  606105819);
+b = ff(b, c, d, a, k[3], 22, -1044525330);
+a = ff(a, b, c, d, k[4], 7, -176418897);
+d = ff(d, a, b, c, k[5], 12,  1200080426);
+c = ff(c, d, a, b, k[6], 17, -1473231341);
+b = ff(b, c, d, a, k[7], 22, -45705983);
+a = ff(a, b, c, d, k[8], 7,  1770035416);
+d = ff(d, a, b, c, k[9], 12, -1958414417);
+c = ff(c, d, a, b, k[10], 17, -42063);
+b = ff(b, c, d, a, k[11], 22, -1990404162);
+a = ff(a, b, c, d, k[12], 7,  1804603682);
+d = ff(d, a, b, c, k[13], 12, -40341101);
+c = ff(c, d, a, b, k[14], 17, -1502002290);
+b = ff(b, c, d, a, k[15], 22,  1236535329);
+
+a = gg(a, b, c, d, k[1], 5, -165796510);
+d = gg(d, a, b, c, k[6], 9, -1069501632);
+c = gg(c, d, a, b, k[11], 14,  643717713);
+b = gg(b, c, d, a, k[0], 20, -373897302);
+a = gg(a, b, c, d, k[5], 5, -701558691);
+d = gg(d, a, b, c, k[10], 9,  38016083);
+c = gg(c, d, a, b, k[15], 14, -660478335);
+b = gg(b, c, d, a, k[4], 20, -405537848);
+a = gg(a, b, c, d, k[9], 5,  568446438);
+d = gg(d, a, b, c, k[14], 9, -1019803690);
+c = gg(c, d, a, b, k[3], 14, -187363961);
+b = gg(b, c, d, a, k[8], 20,  1163531501);
+a = gg(a, b, c, d, k[13], 5, -1444681467);
+d = gg(d, a, b, c, k[2], 9, -51403784);
+c = gg(c, d, a, b, k[7], 14,  1735328473);
+b = gg(b, c, d, a, k[12], 20, -1926607734);
+
+a = hh(a, b, c, d, k[5], 4, -378558);
+d = hh(d, a, b, c, k[8], 11, -2022574463);
+c = hh(c, d, a, b, k[11], 16,  1839030562);
+b = hh(b, c, d, a, k[14], 23, -35309556);
+a = hh(a, b, c, d, k[1], 4, -1530992060);
+d = hh(d, a, b, c, k[4], 11,  1272893353);
+c = hh(c, d, a, b, k[7], 16, -155497632);
+b = hh(b, c, d, a, k[10], 23, -1094730640);
+a = hh(a, b, c, d, k[13], 4,  681279174);
+d = hh(d, a, b, c, k[0], 11, -358537222);
+c = hh(c, d, a, b, k[3], 16, -722521979);
+b = hh(b, c, d, a, k[6], 23,  76029189);
+a = hh(a, b, c, d, k[9], 4, -640364487);
+d = hh(d, a, b, c, k[12], 11, -421815835);
+c = hh(c, d, a, b, k[15], 16,  530742520);
+b = hh(b, c, d, a, k[2], 23, -995338651);
+
+a = ii(a, b, c, d, k[0], 6, -198630844);
+d = ii(d, a, b, c, k[7], 10,  1126891415);
+c = ii(c, d, a, b, k[14], 15, -1416354905);
+b = ii(b, c, d, a, k[5], 21, -57434055);
+a = ii(a, b, c, d, k[12], 6,  1700485571);
+d = ii(d, a, b, c, k[3], 10, -1894986606);
+c = ii(c, d, a, b, k[10], 15, -1051523);
+b = ii(b, c, d, a, k[1], 21, -2054922799);
+a = ii(a, b, c, d, k[8], 6,  1873313359);
+d = ii(d, a, b, c, k[15], 10, -30611744);
+c = ii(c, d, a, b, k[6], 15, -1560198380);
+b = ii(b, c, d, a, k[13], 21,  1309151649);
+a = ii(a, b, c, d, k[4], 6, -145523070);
+d = ii(d, a, b, c, k[11], 10, -1120210379);
+c = ii(c, d, a, b, k[2], 15,  718787259);
+b = ii(b, c, d, a, k[9], 21, -343485551);
+
+x[0] = add32(a, x[0]);
+x[1] = add32(b, x[1]);
+x[2] = add32(c, x[2]);
+x[3] = add32(d, x[3]);
+
+}
+
+function cmn(q, a, b, x, s, t) {
+a = add32(add32(a, q), add32(x, t));
+return add32((a << s) | (a >>> (32 - s)), b);
+}
+
+function ff(a, b, c, d, x, s, t) {
+return cmn((b & c) | ((~b) & d), a, b, x, s, t);
+}
+
+function gg(a, b, c, d, x, s, t) {
+return cmn((b & d) | (c & (~d)), a, b, x, s, t);
+}
+
+function hh(a, b, c, d, x, s, t) {
+return cmn(b ^ c ^ d, a, b, x, s, t);
+}
+
+function ii(a, b, c, d, x, s, t) {
+return cmn(c ^ (b | (~d)), a, b, x, s, t);
+}
+
+function md51(s) {
+txt = '';
+var n = s.length,
+state = [1732584193, -271733879, -1732584194, 271733878], i;
+for (i=64; i<=s.length; i+=64) {
+md5cycle(state, md5blk(s.substring(i-64, i)));
+}
+s = s.substring(i-64);
+var tail = [0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0];
+for (i=0; i<s.length; i++)
+tail[i>>2] |= s.charCodeAt(i) << ((i%4) << 3);
+tail[i>>2] |= 0x80 << ((i%4) << 3);
+if (i > 55) {
+md5cycle(state, tail);
+for (i=0; i<16; i++) tail[i] = 0;
+}
+tail[14] = n*8;
+md5cycle(state, tail);
+return state;
+}
+
+/* there needs to be support for Unicode here,
+ * unless we pretend that we can redefine the MD-5
+ * algorithm for multi-byte characters (perhaps
+ * by adding every four 16-bit characters and
+ * shortening the sum to 32 bits). Otherwise
+ * I suggest performing MD-5 as if every character
+ * was two bytes--e.g., 0040 0025 = @%--but then
+ * how will an ordinary MD-5 sum be matched?
+ * There is no way to standardize text to something
+ * like UTF-8 before transformation; speed cost is
+ * utterly prohibitive. The JavaScript standard
+ * itself needs to look at this: it should start
+ * providing access to strings as preformed UTF-8
+ * 8-bit unsigned value arrays.
+ */
+function md5blk(s) { /* I figured global was faster.   */
+var md5blks = [], i; /* Andy King said do it this way. */
+for (i=0; i<64; i+=4) {
+md5blks[i>>2] = s.charCodeAt(i)
++ (s.charCodeAt(i+1) << 8)
++ (s.charCodeAt(i+2) << 16)
++ (s.charCodeAt(i+3) << 24);
+}
+return md5blks;
+}
+
+var hex_chr = '0123456789abcdef'.split('');
+
+function rhex(n)
+{
+var s='', j=0;
+for(; j<4; j++)
+s += hex_chr[(n >> (j * 8 + 4)) & 0x0F]
++ hex_chr[(n >> (j * 8)) & 0x0F];
+return s;
+}
+
+function hex(x) {
+for (var i=0; i<x.length; i++)
+x[i] = rhex(x[i]);
+return x.join('');
+}
+
+function md5(s) {
+return hex(md51(s));
+}
+
+/* this function is much faster,
+so if possible we use it. Some IEs
+are the only ones I know of that
+need the idiotic second function,
+generated by an if clause.  */
+
+function add32(a, b) {
+return (a + b) & 0xFFFFFFFF;
+}
+
+if (md5('hello') != '5d41402abc4b2a76b9719d911017c592') {
+function add32(x, y) {
+var lsw = (x & 0xFFFF) + (y & 0xFFFF),
+msw = (x >> 16) + (y >> 16) + (lsw >> 16);
+return (msw << 16) | (lsw & 0xFFFF);
+}
+}
diff --git a/simple_websockets/www/getpass.js b/simple_websockets/www/getpass.js
new file mode 100644
index 0000000..0183d1d
--- /dev/null
+++ b/simple_websockets/www/getpass.js
@@ -0,0 +1,30 @@
+;(function () { 'use strict';
+	var Pass = {};
+	var pwform = null, pw = null;
+	var onenter = function(){};
+	function retPass(){
+		if(!pwform) return;
+		var p = pw.value, c;
+		while(c = pwform.firstChild) pwform.removeChild(c);
+		pwform.parentNode.removeChild(pwform);
+		pw = null;
+		pwform = null;
+		Pass.onenter(p);
+	}
+	function askPass(){
+		pwform = document.createElement("div");
+		pwform.style = "width: 100%; height: 100%; position: absolute; top: 0; left: 0; background: lightgray; opacity: 0.75;"
+		document.body.appendChild(pwform);
+		var d = document.createElement("div");
+		d.style = "position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%);";
+		d.innerHTML = "<div>Enter password:</div>"
+		pw = document.createElement("input");
+		pw.setAttribute("type", "password");
+		pw.onchange = retPass;
+		d.appendChild(pw);
+		pwform.appendChild(d);
+	}
+	Pass.get = askPass;
+	Pass.onenter = onenter;
+	window.GetPass = Pass;
+}());
diff --git a/simple_websockets/www/localstore.js b/simple_websockets/www/localstore.js
new file mode 100644
index 0000000..0709a58
--- /dev/null
+++ b/simple_websockets/www/localstore.js
@@ -0,0 +1,62 @@
+;(function () { 'use strict';
+var localCookies = function(){
+function get(nm){
+	var name = nm + "=";
+	var ca = document.cookie.split(';');
+	for(var i=0; i < ca.length; i++){
+		var c = ca[i];
+		while (c.charAt(0)==' ') c = c.substring(1);
+		if (c.indexOf(name) != -1)
+			return c.substring(name.length,c.length);
+	}
+	return "";
+}
+function set(nm, val){
+	var date = new Date();
+	date.setFullYear(date.getFullYear() + 1);
+	document.cookie = nm + "=" + val + ";" + "expires=" + date.toUTCString() + ";";
+}
+return{
+	getItem : get,
+	setItem : set
+	};
+}();
+
+var stor;
+
+if(!window.localStorage){
+	console.log("No localStorage found, use cookies");
+	stor = localCookies;
+}else
+	stor = window.localStorage;
+
+/*
+ * Load object nm from local storage
+ * if it's absent set it to defval or return null if devfal undefined
+ */
+function LoadObject(nm, defval){
+	var val = null;
+	try{
+		var X = stor.getItem(nm);
+		console.log("get "+nm+", got: "+X);
+		val = JSON.parse(X);
+	}catch(e){
+		console.log(e);
+	}
+	if(val == null && typeof(defval) != "undefined"){
+		val = defval;
+	}
+	console.log("load: " + nm +" ("+val+")");
+	return val;
+}
+/*
+ * Save object obj in local storage as nm
+ */
+function SaveObject(nm, obj){
+	stor.setItem(nm, JSON.stringify(obj));
+	console.log("save: " + nm +" ("+JSON.stringify(obj)+")");
+}
+	window.Storage = {};
+	window.Storage.load = LoadObject;
+	window.Storage.save = SaveObject;
+}());
diff --git a/simple_websockets/www/md5.js b/simple_websockets/www/md5.js
new file mode 100644
index 0000000..4be80f8
--- /dev/null
+++ b/simple_websockets/www/md5.js
@@ -0,0 +1,279 @@
+/*
+ * JavaScript MD5
+ * https://github.com/blueimp/JavaScript-MD5
+ *
+ * Copyright 2011, Sebastian Tschan
+ * https://blueimp.net
+ *
+ * Licensed under the MIT license:
+ * http://www.opensource.org/licenses/MIT
+ *
+ * Based on
+ * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
+ * Digest Algorithm, as defined in RFC 1321.
+ * Version 2.2 Copyright (C) Paul Johnston 1999 - 2009
+ * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
+ * Distributed under the BSD License
+ * See http://pajhome.org.uk/crypt/md5 for more info.
+ */
+
+/*global unescape, define, module */
+
+;(function ($) {
+  'use strict'
+
+  /*
+  * Add integers, wrapping at 2^32. This uses 16-bit operations internally
+  * to work around bugs in some JS interpreters.
+  */
+  function safe_add (x, y) {
+    var lsw = (x & 0xFFFF) + (y & 0xFFFF)
+    var msw = (x >> 16) + (y >> 16) + (lsw >> 16)
+    return (msw << 16) | (lsw & 0xFFFF)
+  }
+
+  /*
+  * Bitwise rotate a 32-bit number to the left.
+  */
+  function bit_rol (num, cnt) {
+    return (num << cnt) | (num >>> (32 - cnt))
+  }
+
+  /*
+  * These functions implement the four basic operations the algorithm uses.
+  */
+  function md5_cmn (q, a, b, x, s, t) {
+    return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s), b)
+  }
+  function md5_ff (a, b, c, d, x, s, t) {
+    return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t)
+  }
+  function md5_gg (a, b, c, d, x, s, t) {
+    return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t)
+  }
+  function md5_hh (a, b, c, d, x, s, t) {
+    return md5_cmn(b ^ c ^ d, a, b, x, s, t)
+  }
+  function md5_ii (a, b, c, d, x, s, t) {
+    return md5_cmn(c ^ (b | (~d)), a, b, x, s, t)
+  }
+
+  /*
+  * Calculate the MD5 of an array of little-endian words, and a bit length.
+  */
+  function binl_md5 (x, len) {
+    /* append padding */
+    x[len >> 5] |= 0x80 << (len % 32)
+    x[(((len + 64) >>> 9) << 4) + 14] = len
+
+    var i
+    var olda
+    var oldb
+    var oldc
+    var oldd
+    var a = 1732584193
+    var b = -271733879
+    var c = -1732584194
+    var d = 271733878
+
+    for (i = 0; i < x.length; i += 16) {
+      olda = a
+      oldb = b
+      oldc = c
+      oldd = d
+
+      a = md5_ff(a, b, c, d, x[i], 7, -680876936)
+      d = md5_ff(d, a, b, c, x[i + 1], 12, -389564586)
+      c = md5_ff(c, d, a, b, x[i + 2], 17, 606105819)
+      b = md5_ff(b, c, d, a, x[i + 3], 22, -1044525330)
+      a = md5_ff(a, b, c, d, x[i + 4], 7, -176418897)
+      d = md5_ff(d, a, b, c, x[i + 5], 12, 1200080426)
+      c = md5_ff(c, d, a, b, x[i + 6], 17, -1473231341)
+      b = md5_ff(b, c, d, a, x[i + 7], 22, -45705983)
+      a = md5_ff(a, b, c, d, x[i + 8], 7, 1770035416)
+      d = md5_ff(d, a, b, c, x[i + 9], 12, -1958414417)
+      c = md5_ff(c, d, a, b, x[i + 10], 17, -42063)
+      b = md5_ff(b, c, d, a, x[i + 11], 22, -1990404162)
+      a = md5_ff(a, b, c, d, x[i + 12], 7, 1804603682)
+      d = md5_ff(d, a, b, c, x[i + 13], 12, -40341101)
+      c = md5_ff(c, d, a, b, x[i + 14], 17, -1502002290)
+      b = md5_ff(b, c, d, a, x[i + 15], 22, 1236535329)
+
+      a = md5_gg(a, b, c, d, x[i + 1], 5, -165796510)
+      d = md5_gg(d, a, b, c, x[i + 6], 9, -1069501632)
+      c = md5_gg(c, d, a, b, x[i + 11], 14, 643717713)
+      b = md5_gg(b, c, d, a, x[i], 20, -373897302)
+      a = md5_gg(a, b, c, d, x[i + 5], 5, -701558691)
+      d = md5_gg(d, a, b, c, x[i + 10], 9, 38016083)
+      c = md5_gg(c, d, a, b, x[i + 15], 14, -660478335)
+      b = md5_gg(b, c, d, a, x[i + 4], 20, -405537848)
+      a = md5_gg(a, b, c, d, x[i + 9], 5, 568446438)
+      d = md5_gg(d, a, b, c, x[i + 14], 9, -1019803690)
+      c = md5_gg(c, d, a, b, x[i + 3], 14, -187363961)
+      b = md5_gg(b, c, d, a, x[i + 8], 20, 1163531501)
+      a = md5_gg(a, b, c, d, x[i + 13], 5, -1444681467)
+      d = md5_gg(d, a, b, c, x[i + 2], 9, -51403784)
+      c = md5_gg(c, d, a, b, x[i + 7], 14, 1735328473)
+      b = md5_gg(b, c, d, a, x[i + 12], 20, -1926607734)
+
+      a = md5_hh(a, b, c, d, x[i + 5], 4, -378558)
+      d = md5_hh(d, a, b, c, x[i + 8], 11, -2022574463)
+      c = md5_hh(c, d, a, b, x[i + 11], 16, 1839030562)
+      b = md5_hh(b, c, d, a, x[i + 14], 23, -35309556)
+      a = md5_hh(a, b, c, d, x[i + 1], 4, -1530992060)
+      d = md5_hh(d, a, b, c, x[i + 4], 11, 1272893353)
+      c = md5_hh(c, d, a, b, x[i + 7], 16, -155497632)
+      b = md5_hh(b, c, d, a, x[i + 10], 23, -1094730640)
+      a = md5_hh(a, b, c, d, x[i + 13], 4, 681279174)
+      d = md5_hh(d, a, b, c, x[i], 11, -358537222)
+      c = md5_hh(c, d, a, b, x[i + 3], 16, -722521979)
+      b = md5_hh(b, c, d, a, x[i + 6], 23, 76029189)
+      a = md5_hh(a, b, c, d, x[i + 9], 4, -640364487)
+      d = md5_hh(d, a, b, c, x[i + 12], 11, -421815835)
+      c = md5_hh(c, d, a, b, x[i + 15], 16, 530742520)
+      b = md5_hh(b, c, d, a, x[i + 2], 23, -995338651)
+
+      a = md5_ii(a, b, c, d, x[i], 6, -198630844)
+      d = md5_ii(d, a, b, c, x[i + 7], 10, 1126891415)
+      c = md5_ii(c, d, a, b, x[i + 14], 15, -1416354905)
+      b = md5_ii(b, c, d, a, x[i + 5], 21, -57434055)
+      a = md5_ii(a, b, c, d, x[i + 12], 6, 1700485571)
+      d = md5_ii(d, a, b, c, x[i + 3], 10, -1894986606)
+      c = md5_ii(c, d, a, b, x[i + 10], 15, -1051523)
+      b = md5_ii(b, c, d, a, x[i + 1], 21, -2054922799)
+      a = md5_ii(a, b, c, d, x[i + 8], 6, 1873313359)
+      d = md5_ii(d, a, b, c, x[i + 15], 10, -30611744)
+      c = md5_ii(c, d, a, b, x[i + 6], 15, -1560198380)
+      b = md5_ii(b, c, d, a, x[i + 13], 21, 1309151649)
+      a = md5_ii(a, b, c, d, x[i + 4], 6, -145523070)
+      d = md5_ii(d, a, b, c, x[i + 11], 10, -1120210379)
+      c = md5_ii(c, d, a, b, x[i + 2], 15, 718787259)
+      b = md5_ii(b, c, d, a, x[i + 9], 21, -343485551)
+
+      a = safe_add(a, olda)
+      b = safe_add(b, oldb)
+      c = safe_add(c, oldc)
+      d = safe_add(d, oldd)
+    }
+    return [a, b, c, d]
+  }
+
+  /*
+  * Convert an array of little-endian words to a string
+  */
+  function binl2rstr (input) {
+    var i
+    var output = ''
+    for (i = 0; i < input.length * 32; i += 8) {
+      output += String.fromCharCode((input[i >> 5] >>> (i % 32)) & 0xFF)
+    }
+    return output
+  }
+
+  /*
+  * Convert a raw string to an array of little-endian words
+  * Characters >255 have their high-byte silently ignored.
+  */
+  function rstr2binl (input) {
+    var i
+    var output = []
+    output[(input.length >> 2) - 1] = undefined
+    for (i = 0; i < output.length; i += 1) {
+      output[i] = 0
+    }
+    for (i = 0; i < input.length * 8; i += 8) {
+      output[i >> 5] |= (input.charCodeAt(i / 8) & 0xFF) << (i % 32)
+    }
+    return output
+  }
+
+  /*
+  * Calculate the MD5 of a raw string
+  */
+  function rstr_md5 (s) {
+    return binl2rstr(binl_md5(rstr2binl(s), s.length * 8))
+  }
+
+  /*
+  * Calculate the HMAC-MD5, of a key and some data (raw strings)
+  */
+  function rstr_hmac_md5 (key, data) {
+    var i
+    var bkey = rstr2binl(key)
+    var ipad = []
+    var opad = []
+    var hash
+    ipad[15] = opad[15] = undefined
+    if (bkey.length > 16) {
+      bkey = binl_md5(bkey, key.length * 8)
+    }
+    for (i = 0; i < 16; i += 1) {
+      ipad[i] = bkey[i] ^ 0x36363636
+      opad[i] = bkey[i] ^ 0x5C5C5C5C
+    }
+    hash = binl_md5(ipad.concat(rstr2binl(data)), 512 + data.length * 8)
+    return binl2rstr(binl_md5(opad.concat(hash), 512 + 128))
+  }
+
+  /*
+  * Convert a raw string to a hex string
+  */
+  function rstr2hex (input) {
+    var hex_tab = '0123456789abcdef'
+    var output = ''
+    var x
+    var i
+    for (i = 0; i < input.length; i += 1) {
+      x = input.charCodeAt(i)
+      output += hex_tab.charAt((x >>> 4) & 0x0F) +
+      hex_tab.charAt(x & 0x0F)
+    }
+    return output
+  }
+
+  /*
+  * Encode a string as utf-8
+  */
+  function str2rstr_utf8 (input) {
+    return unescape(encodeURIComponent(input))
+  }
+
+  /*
+  * Take string arguments and return either raw or hex encoded strings
+  */
+  function raw_md5 (s) {
+    return rstr_md5(str2rstr_utf8(s))
+  }
+  function hex_md5 (s) {
+    return rstr2hex(raw_md5(s))
+  }
+  function raw_hmac_md5 (k, d) {
+    return rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))
+  }
+  function hex_hmac_md5 (k, d) {
+    return rstr2hex(raw_hmac_md5(k, d))
+  }
+
+  function md5 (string, key, raw) {
+    if (!key) {
+      if (!raw) {
+        return hex_md5(string)
+      }
+      return raw_md5(string)
+    }
+    if (!raw) {
+      return hex_hmac_md5(key, string)
+    }
+    return raw_hmac_md5(key, string)
+  }
+
+  if (typeof define === 'function' && define.amd) {
+    define(function () {
+      return md5
+    })
+  } else if (typeof module === 'object' && module.exports) {
+    module.exports = md5
+  } else {
+    $.md5 = md5
+  }
+}(this))
diff --git a/simple_websockets/www/test.html b/simple_websockets/www/test.html
index abf6959..5bc1f95 100644
--- a/simple_websockets/www/test.html
+++ b/simple_websockets/www/test.html
@@ -5,11 +5,15 @@
 	.content { vertical-align:top; text-align:center; background:#fffff0; padding:12px; border-radius:10px; }
 	button { display: block; width: 70px; text-align: center; }
 	.container {border: solid 1px;  border-radius:10px; padding:12px; }
-</style>
-<script>
+	</style>
+	<script type="text/javascript" src="./md5.js" language="javascript"></script>
+	<script type="text/javascript" src="./localstore.js" language="javascript"></script>
+	<script type="text/javascript" src="./getpass.js" language="javascript"></script>
+<script type="text/javascript">
 (function () { 'use strict';
 	var socket;
-	var connected = 0;
+	var pwhash = "", salt = "";
+	var connected = 0, verified = 0;
 	var wdTmout, faulttmout;
 	function $(nm){return document.getElementById(nm);}
 	function get_ws_url(){
@@ -40,34 +44,69 @@
 			alert("Error: can't create websocket!\nMake sure that your browser supports websockets");
 			return;
 		}
+		function chkdata(msg){
+			if(msg.substr(0,6) == "pwhash"){
+				salt = msg.substr(6);
+				console.log("salt="+salt);
+				console.log("md5="+md5(salt+pwhash));
+				if(pwhash != "") socket.send(md5(salt+pwhash));
+				else{
+					console.log("empty password!");
+					GetPass.get();
+					return;
+				}
+			}
+			else if(msg == "authOK") verified = 1;
+			else if(msg == "badpass"){
+				verified = 0;
+				alert("Wrong password!");
+				pwhash == "";
+				GetPass.get();
+			}
+		}
 		try {
 			socket.onopen = function(){
 				$("connected").style.backgroundColor = "#40ff40";
 				$("connected").textContent = "Connection opened";
 				connected = 1;
-				socket.send("hello");
+				verified = 0;
+				salt = "";
 			}
 			socket.onmessage = function(msg){
-				var answ =  msg.data
-				$("lastmsg").textContent = answ;
+				var answ =  msg.data;
+				console.log("got: "+answ);
+				if(!verified) chkdata(answ);
+				else $("lastmsg").textContent = answ;
 			}
 			socket.onclose = function(){
 				$("connected").style.backgroundColor = "#ff4040";
 				$("connected").textContent = "Connection closed";
 				$("lastmsg").textContent = "";
 				connected = 0;
+				verified = 0;
 				setTimeout(TryConnect, 1000);
+				socket = null;
 			}
 		} catch(exception) {
 			alert('Error' + exception);
 		}
 	}
+	function calcHash(pass){
+		pwhash = md5(pass)
+		console.log("MD5: " + pwhash);
+		Storage.save("pwhash", pwhash);
+		if(salt != "" && socket)
+			socket.send(md5(salt+pwhash));
+	}
 	function init(){
 		$("sendmsg").onclick = sendmsg;
+		pwhash = Storage.load("pwhash", "");
+		GetPass.onenter = calcHash;
 		TryConnect();
 	}
 	function sendmsg(){
 		if(connected) socket.send($("msgtosend").value);
+		$("md5").textContent = md5($("msgtosend").value);
 	}
 	var WStest = {};
 	WStest.init = init;
@@ -81,6 +120,7 @@
 	<div><input type="text" id="msgtosend" size="15"><button id="sendmsg">Send</button></div>
 	<div id="connected">No connection</div>
 	<div id="lastmsg"></div>
+	<div>Message MD5 sum: <span id="md5"></span></div>
 	</div>
 </body>
 </html>