diff --git a/templates/caddy/full/Makefile b/templates/caddy/full/Makefile
index 022ebb4..a315e65 100644
--- a/templates/caddy/full/Makefile
+++ b/templates/caddy/full/Makefile
@@ -14,9 +14,9 @@ caddy\:crowdsec-key:
 	@echo "\n=== IMPORTANT ===\nCopy the API_KEY from the output above and replace the value of CROWDSEC_API_KEY in your .env file."
 
 caddy\:generate-password:
-	@echo "Generating new password..."
+	@echo "Generating new password hash..."
 	docker exec -it caddy caddy hash-password
-	@echo "\n=== IMPORTANT ===\nCopy the password from the output above and replace the value of PROMETHEUS_PASSWORD in your Caddyfile."
+	@echo "\n=== IMPORTANT ===\nCopy the password hash from the output above and replace the value of PROMETHEUS_PASSWORD or LOKI_PASSWORD in your .env file."
 
 caddy\:logs:
 	@echo "Showing Caddy logs..."
diff --git a/web/install_caddy.sh b/web/install_caddy.sh
index 1ee5c59..2687655 100644
--- a/web/install_caddy.sh
+++ b/web/install_caddy.sh
@@ -29,14 +29,20 @@ function install_caddy() {
   echo "[ WEB ]: Starting containers to generate keys..."
   cd "$caddy_dir"
   
-  # Generate random Prometheus password
-  echo "[ WEB ]: Generating Prometheus password..."
-  PROMETHEUS_PASSWORD=$(openssl rand -base64 32)
+  # Prompt user for passwords and encrypt them using Caddy
+  echo "[ WEB ]: Setting up authentication passwords..."
+  echo -n "Enter password for Prometheus access: "
+  read -s prometheus_plain_password
+  echo
+  echo -n "Enter password for Loki access: "
+  read -s loki_plain_password
+  echo
   
   # Create .env file with placeholder
   cat > "$caddy_dir/.env" <<EOF
 CROWDSEC_API_KEY=PLACEHOLDER_WILL_BE_REPLACED
-PROMETHEUS_PASSWORD=$PROMETHEUS_PASSWORD
+PROMETHEUS_PASSWORD=PLACEHOLDER_WILL_BE_REPLACED
+LOKI_PASSWORD=PLACEHOLDER_WILL_BE_REPLACED
 EOF
   
   # Start containers
@@ -63,10 +69,17 @@ EOF
   echo "[ WEB ]: Generating CrowdSec API key..."
   CROWDSEC_API_KEY=$(sudo docker exec crowdsec cscli bouncers add caddy-bouncer -o raw)
   
-  # Update .env file with real API key
+  # Encrypt passwords using Caddy
+  echo "[ WEB ]: Encrypting Prometheus password..."
+  PROMETHEUS_PASSWORD=$(sudo docker exec caddy caddy hash-password --plaintext "$prometheus_plain_password")
+  echo "[ WEB ]: Encrypting Loki password..."
+  LOKI_PASSWORD=$(sudo docker exec caddy caddy hash-password --plaintext "$loki_plain_password")
+  
+  # Update .env file with real API key and encrypted passwords
   cat > "$caddy_dir/.env" <<EOF
 CROWDSEC_API_KEY=$CROWDSEC_API_KEY
 PROMETHEUS_PASSWORD=$PROMETHEUS_PASSWORD
+LOKI_PASSWORD=$LOKI_PASSWORD
 EOF
   
   # Restart containers with new API key
@@ -77,6 +90,7 @@ EOF
   echo "[ WEB ]: Caddy setup completed successfully!"
   echo "[ WEB ]: Configuration location: $caddy_dir"
   echo "[ WEB ]: CrowdSec API key: $CROWDSEC_API_KEY"
-  echo "[ WEB ]: Prometheus password: $PROMETHEUS_PASSWORD"
+  echo "[ WEB ]: Prometheus password: [ENCRYPTED AND STORED IN .env]"
+  echo "[ WEB ]: Loki password: [ENCRYPTED AND STORED IN .env]"
   echo "[ WEB ]: Add your site configurations to: $caddy_dir/caddy/sites-enabled/"
 }