diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index 8927df4..e7ba5d5 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -490,7 +490,7 @@ pg_local_sendauth(PGconn *conn)
 }
 
 static int
-pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
+pg_password_sendauth(PGconn *conn, const char *hash, AuthRequest areq)
 {
 	int			ret;
 	char	   *crypt_pwd = NULL;
@@ -502,10 +502,9 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 	{
 		case AUTH_REQ_MD5:
 			{
-				char	   *crypt_pwd2;
+				/* Allocate enough space for ONE MD5 hashes */
+				crypt_pwd = malloc(MD5_PASSWD_LEN + 1);
 
-				/* Allocate enough space for two MD5 hashes */
-				crypt_pwd = malloc(2 * (MD5_PASSWD_LEN + 1));
 				if (!crypt_pwd)
 				{
 					printfPQExpBuffer(&conn->errorMessage,
@@ -513,6 +512,10 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 					return STATUS_ERROR;
 				}
 
+				/*
+				 * NOT needed at all ;(    OMG!
+				 *
+
 				crypt_pwd2 = crypt_pwd + MD5_PASSWD_LEN + 1;
 				if (!pg_md5_encrypt(password, conn->pguser,
 									strlen(conn->pguser), crypt_pwd2))
@@ -520,7 +523,33 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 					free(crypt_pwd);
 					return STATUS_ERROR;
 				}
-				if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"), conn->md5Salt,
+				*/
+
+				/*
+				 * just some basic checks for the input "hash"
+				 */
+
+				if (strlen (hash) != MD5_PASSWD_LEN) // MD5_PASSWD_LEN is 35 ("md5" + 32 hex)
+				{
+					char *errorMessage = "this is not a valid hash\n";
+					printfPQExpBuffer(&conn->errorMessage,
+									  libpq_gettext(errorMessage));
+					printf (errorMessage);
+					return STATUS_ERROR;
+				}
+
+				if (0 != memcmp (hash, "md5", 3))
+				{
+					char *errorMessage = "hash must be formatted like this: \"md5\" + MD5 hash (32 hexadecimal symbols)\n";
+					printfPQExpBuffer(&conn->errorMessage,
+									  libpq_gettext(errorMessage));
+					printf (errorMessage);
+					return STATUS_ERROR;
+				}
+
+				// all checks done
+
+				if (!pg_md5_encrypt(hash + strlen("md5"), conn->md5Salt,
 									sizeof(conn->md5Salt), crypt_pwd))
 				{
 					free(crypt_pwd);
@@ -531,7 +560,7 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 				break;
 			}
 		case AUTH_REQ_PASSWORD:
-			pwd_to_send = password;
+			pwd_to_send = hash;
 			break;
 		default:
 			return STATUS_ERROR;