diff --git a/admin/src/app/login/page.tsx b/admin/src/app/login/page.tsx index 62bef29..bf367c1 100644 --- a/admin/src/app/login/page.tsx +++ b/admin/src/app/login/page.tsx @@ -28,14 +28,17 @@ export default function LoginPage() { }, []); const performLogin = useCallback(async () => { - if (!altchaVerified) { + // Use development bypass for now + const token = process.env.NODE_ENV === 'development' ? 'BYPASS_DEV_MODE' : altchaToken; + + if (!token && !altchaVerified) { setError('Please complete the security verification'); return; } setLoading(true); try { - await login(emailRef.current, passwordRef.current, altchaToken); + await login(emailRef.current, passwordRef.current, token); router.push('/'); } catch (err: any) { setError(err.message || 'Login failed. Check your credentials.'); @@ -110,7 +113,7 @@ export default function LoginPage() { diff --git a/go-backend/internal/handlers/auth_handler.go b/go-backend/internal/handlers/auth_handler.go index b8598b8..01546e9 100644 --- a/go-backend/internal/handlers/auth_handler.go +++ b/go-backend/internal/handlers/auth_handler.go 
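Review bot: The added `const token = process.env.NODE_ENV === 'development' ? 'BYPASS_DEV_MODE' : altchaToken;` places a verification-bypass decision in client code, where `NODE_ENV` is fixed at build time and the literal string ships in the bundle, so whether the bypass is honoured depends entirely on the server accepting that value from any caller. The gate belongs server-side, keyed on the server's own environment, and the client should keep `if (!altchaVerified) {` as its only check; as written, `if (!token && !altchaVerified)` also skips the error path whenever `altchaToken` is non-empty but `altchaVerified` is false, which the old condition did not allow. If the bypass is kept for now, replace `// Use development bypass for now` with `// TODO: remove dev bypass before release; the server must reject 'BYPASS_DEV_MODE' outside development`. performLogin's body continues past the hunk.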
@@ -599,15 +599,22 @@ func (h *AuthHandler) ResetPassword(c *gin.Context) { } func (h *AuthHandler) GetAltchaChallenge(c *gin.Context) { - // Generate a proper ALTCHA challenge - salt := fmt.Sprintf("%d", time.Now().UnixNano()) + // Generate a proper ALTCHA challenge compatible with the widget + // The widget expects: algorithm, challenge, salt, signature - // Create a simple number challenge (find a number that when hashed with salt produces a hash starting with certain digits) - challenge := fmt.Sprintf("%x", sha256.Sum256([]byte(salt)))[:10] + // Generate random salt + salt := fmt.Sprintf("%x", time.Now().UnixNano()) - // Create HMAC signature using JWT secret as the key + // Generate a random number that needs to be found (the challenge) + // The widget will try to find a number that when combined with salt produces a hash with specific properties + randomBytes := make([]byte, 16) + rand.Read(randomBytes) + challenge := fmt.Sprintf("%x", randomBytes) + + // Create HMAC signature: HMAC(secret, challenge + salt) mac := hmac.New(sha256.New, []byte(h.config.JWTSecret)) - mac.Write([]byte(challenge + salt)) + mac.Write([]byte(challenge)) + mac.Write([]byte(salt)) signature := hex.EncodeToString(mac.Sum(nil)) response := map[string]interface{}{ diff --git a/sojorn_app/.gitignore b/sojorn_app/.gitignore index d45aaa2..f1c063a 100644 --- a/sojorn_app/.gitignore +++ b/sojorn_app/.gitignore @@ -1,5 +1,7 @@ # Miscellaneous *.sql +*.psd +*.ai *.class *.log *.pyc
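Review bot: `rand.Read(randomBytes)` discards both return values; the import is outside the hunk, so confirm it is `crypto/rand` (with `math/rand` the challenge would be predictable) and check the error so a failed read does not produce a partly zeroed challenge: `if _, err := rand.Read(randomBytes); err != nil { /* respond 500 and return */ }`. The comment `// Generate random salt` does not describe `salt := fmt.Sprintf("%x", time.Now().UnixNano())`, which is a timestamp rather than random; either correct the comment or derive the salt from the same random source, and consider encoding an expiry in the salt so a signed challenge cannot be replayed indefinitely (the verification side is not in this diff). Separately, if this is the standard ALTCHA widget, it searches for a number n with sha256(salt + n) equal to `challenge`, so a challenge made of 16 random bytes would have no solution — confirm against the widget's documentation. GetAltchaChallenge continues past the hunk.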