diff --git a/kfet/auth/backends.py b/kfet/auth/backends.py
index c972fb55..1c9290d6 100644
--- a/kfet/auth/backends.py
+++ b/kfet/auth/backends.py
@@ -1,7 +1,4 @@
 # -*- coding: utf-8 -*-
-
-import hashlib
-
 from django.contrib.auth import get_user_model
 from kfet.models import Account, GenericTeamToken
@@ -18,12 +15,7 @@ class KFetBackend(object):
 return None
 try:
- password_sha256 = (
- hashlib.sha256(password.encode('utf-8'))
- .hexdigest()
- )
- account = Account.objects.get(password=password_sha256)
- return account.cofprofile.user
+ return Account.objects.get_by_password(password).user
 except Account.DoesNotExist:
 return None
diff --git a/kfet/auth/utils.py b/kfet/auth/utils.py
index 78f31028..0edc555d 100644
--- a/kfet/auth/utils.py
+++ b/kfet/auth/utils.py
@@ -1,3 +1,5 @@
+import hashlib
+
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Permission
@@ -26,3 +28,7 @@ def setup_kfet_generic_user(**kwargs):
 codename='is_team',
 )
 )
+
+
+def hash_password(password):
+ return hashlib.sha256(password.encode('utf-8')).hexdigest()
diff --git a/kfet/models.py b/kfet/models.py
index 9aefb782..e547d248 100644
--- a/kfet/models.py
+++ b/kfet/models.py
@@ -12,7 +12,6 @@ from django.db import transaction
 from django.db.models import F
 from datetime import date
 import re
-import hashlib
 from .auth import KFET_GENERIC_TRIGRAMME
 from .auth.models import GenericTeamToken # noqa
@@ -42,6 +41,17 @@ class AccountManager(models.Manager):
 """
 return self.get(trigramme=KFET_GENERIC_TRIGRAMME)
+ def get_by_password(self, password):
+ """
+ Get a kfet generic account by clear password.
+
+ Raises Account.DoesNotExist if no Account has this password.
+ """
+ from .auth.utils import hash_password
+ if password is None:
+ raise self.model.DoesNotExist
+ return self.get(password=hash_password(password))
+
 class Account(models.Model):
 objects = AccountManager()
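Review bot: In kfet/auth/backends.py the `except` clause after the new `return Account.objects.get_by_password(password).user` still handles only `Account.DoesNotExist`, so if two accounts ever store the same digest the manager's `.get()` raises `Account.MultipleObjectsReturned` and the login attempt errors out instead of being rejected. Whether `Account.password` carries a unique constraint is not visible in this diff; if it does not, fail closed with `except (Account.DoesNotExist, Account.MultipleObjectsReturned):` followed by `return None`. The same gap applies to the docstring of `get_by_password` in kfet/models.py, which documents only `DoesNotExist`. The enclosing method starts above this hunk.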
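Review bot: `hash_password` in kfet/auth/utils.py centralises an unsalted, single-pass SHA-256, and nothing at the definition says so. The commit only moves the existing scheme, but every caller now goes through this helper, so the constraint belongs in its docstring: the digest has to be deterministic because `get_by_password` looks accounts up by it, and for the same reason equal passwords give equal stored values and a leaked table can be tested offline cheaply. Suggested docstring: `"""Return the hex SHA-256 digest of a clear password (unsalted and deterministic: accounts are looked up by this value; not a salted KDF)."""`. Moving to Django's salted hashers would first need the lookup to identify the account by something other than the password, which is outside this change.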
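Review bot: The docstring of `get_by_password` in kfet/models.py says it returns "a kfet generic account", but the body calls `self.get(password=...)` over the whole manager, with no filter like the `self.get(trigramme=KFET_GENERIC_TRIGRAMME)` call just above it; reword it to `Get the account whose stored digest matches this clear password.` The function-scope `from .auth.utils import hash_password` deserves a one-line comment such as `# local import: presumably avoids a circular import with kfet.auth (confirm)`, since the module already imports from `.auth` at the top. Only `None` is rejected before hashing; an empty string is hashed and looked up like any other value.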
@@ -245,10 +255,9 @@ class Account(models.Model):
 self.cofprofile = cof
 super(Account, self).save(*args, **kwargs)
- def change_pwd(self, pwd):
- pwd_sha256 = hashlib.sha256(pwd.encode('utf-8'))\
- .hexdigest()
- self.password = pwd_sha256
+ def change_pwd(self, clear_password):
+ from .auth.utils import hash_password
+ self.password = hash_password(clear_password)
 # Surcharge de delete
 # Pas de suppression possible
diff --git a/kfet/tests/test_models.py b/kfet/tests/test_models.py
new file mode 100644
index 00000000..ea132acd
--- /dev/null
+++ b/kfet/tests/test_models.py
@@ -0,0 +1,25 @@
+from django.contrib.auth import get_user_model
+from django.test import TestCase
+
+from kfet.models import Account
+
+User = get_user_model()
+
+
+class AccountTests(TestCase):
+
+ def setUp(self):
+ self.account = Account(trigramme='000')
+ self.account.save({'username': 'user'})
+
+ def test_password(self):
+ self.account.change_pwd('anna')
+ self.account.save()
+
+ self.assertEqual(Account.objects.get_by_password('anna'), self.account)
+
+ with self.assertRaises(Account.DoesNotExist):
+ Account.objects.get_by_password(None)
+
+ with self.assertRaises(Account.DoesNotExist):
+ Account.objects.get_by_password('bernard')
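Review bot: `change_pwd` in kfet/models.py accepts any string, including `''`, and stores its digest; since `get_by_password` rejects only `None`, an account whose password was set to the empty string would be matched by an empty submitted password. Whether the calling forms enforce a minimum length is not visible in this diff, so a guard in the model is the safe place: `if not clear_password: raise ValueError('empty password')` before the assignment. The rename of the parameter from `pwd` to `clear_password` also breaks any caller that passes it by keyword; those callers are outside this diff. The class body continues beyond the hunk.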
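Review bot: `test_password` in kfet/tests/test_models.py never checks what is stored, so it would still pass if `change_pwd` saved the clear text and the lookup compared clear text. Add `self.assertNotEqual(self.account.password, 'anna')` after the `save()` call. A second case with two accounts given the same password would pin down what `get_by_password` is expected to do on a duplicate digest; the current test covers a single account only. `User = get_user_model()` is assigned but not used in the lines shown.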