diff --git a/app/Listeners/Auth/Cas/Cas.php b/app/Listeners/Auth/Cas/Cas.php
index e20b1e698..da627e19b 100644
--- a/app/Listeners/Auth/Cas/Cas.php
+++ b/app/Listeners/Auth/Cas/Cas.php
@@ -124,7 +124,7 @@ public function handleAuthenticate($event)
 {
 $user = new User;
 $user->name = $cas->getAttribute('fullname');
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $attrs = $cas->getAttributes();
 if (isset($attrs['puid']))
@@ -173,7 +173,7 @@ public function handleAuthenticate($event)
 if (!$user->api_token)
 {
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $user->save();
 }
diff --git a/app/Listeners/Auth/Ldap/Ldap.php b/app/Listeners/Auth/Ldap/Ldap.php
index 164c905ed..f3230a190 100644
--- a/app/Listeners/Auth/Ldap/Ldap.php
+++ b/app/Listeners/Auth/Ldap/Ldap.php
@@ -271,7 +271,7 @@ protected function getDatabaseUser(LdapUser $ldapuser): ?User
 protected function createDatabaseUser(LdapUser $ldapuser): User
 {
 $user = new User;
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $userusername = new UserUsername;
diff --git a/app/Modules/Users/Console/CreateCommand.php b/app/Modules/Users/Console/CreateCommand.php
index a6cd9fae3..89c301b57 100644
--- a/app/Modules/Users/Console/CreateCommand.php
+++ b/app/Modules/Users/Console/CreateCommand.php
@@ -57,7 +57,7 @@ public function handle(): int
 $user = new User;
 $user->name = $name;
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $user->password = Hash::make($password);
 $user->setDefaultRole();
diff --git a/app/Modules/Users/Console/SyncCommand.php b/app/Modules/Users/Console/SyncCommand.php
index e6a22d387..de01c4a12 100644
--- a/app/Modules/Users/Console/SyncCommand.php
+++ b/app/Modules/Users/Console/SyncCommand.php
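Review bot: In the second Cas.php hunk the backfill is guarded by `if (!$user->api_token)`, so it only covers accounts with no token at all; users who already hold a value from `Str::random(60)` keep the old unprefixed, checksum-less token indefinitely. If the new format is meant to make leaked tokens recognisable, those legacy tokens stay invisible to that tooling until they are rotated, and the identical branch in `AuthController::callback()` has the same gap. Consider a one-off rotation, or at least a comment here stating that both formats coexist, so nothing later rejects tokens by checksum without accounting for them. `handleAuthenticate()` extends beyond both hunks.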
@@ -81,7 +81,7 @@ public function handle(): void
 /*if (!$user->api_token)
 {
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $update = true;
diff --git a/app/Modules/Users/Http/Controllers/Admin/UsersController.php b/app/Modules/Users/Http/Controllers/Admin/UsersController.php
index 1ba6b0bd5..23a4c8ac3 100644
--- a/app/Modules/Users/Http/Controllers/Admin/UsersController.php
+++ b/app/Modules/Users/Http/Controllers/Admin/UsersController.php
@@ -324,7 +324,7 @@ public function store(Request $request)
 {
 $user->setDefaultRole();
 }
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 }
 if (!$user->puid)
 {
diff --git a/app/Modules/Users/Http/Controllers/Site/AuthController.php b/app/Modules/Users/Http/Controllers/Site/AuthController.php
index df8cfbf16..1b5fcc3b0 100644
--- a/app/Modules/Users/Http/Controllers/Site/AuthController.php
+++ b/app/Modules/Users/Http/Controllers/Site/AuthController.php
@@ -131,7 +131,7 @@ public function callback(Request $request)
 {
 $user = new User;
 $user->name = $cas->getAttribute('fullname');
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $attrs = $cas->getAttributes();
 if (isset($attrs['puid']))
@@ -177,7 +177,7 @@ public function callback(Request $request)
 if (!$user->api_token)
 {
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $user->save();
 }
diff --git a/app/Modules/Users/Http/Controllers/Site/RegisterController.php b/app/Modules/Users/Http/Controllers/Site/RegisterController.php
index 908d85bc2..d2ed01c4d 100644
--- a/app/Modules/Users/Http/Controllers/Site/RegisterController.php
+++ b/app/Modules/Users/Http/Controllers/Site/RegisterController.php
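Review bot: In SyncCommand.php the changed assignment sits inside a block comment (the context line above it is `/*if (!$user->api_token)`), so this edit changes no behaviour and `handle()` still does not backfill a token during sync. Either delete the commented-out block or re-enable it deliberately; keeping dead code in step with a refactor suggests coverage that does not exist. The end of the comment lies outside the hunk, so how much of the sync logic is disabled cannot be seen here.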
@@ -96,7 +96,7 @@ public function store(Request $request): RedirectResponse
 $user = new User;
 $user->name = $request->input('name');
- $user->api_token = Str::random(60);
+ $user->api_token = $user->generateApiToken();
 $user->password = Hash::make($request->input('password'));
 $user->setDefaultRole();
diff --git a/app/Modules/Users/Models/User.php b/app/Modules/Users/Models/User.php
index 6db10067e..cb9cd8c8d 100755
--- a/app/Modules/Users/Models/User.php
+++ b/app/Modules/Users/Models/User.php
@@ -887,7 +887,7 @@ public static function createFromUsername(string $username): User
 }
 $user->name = $user->name ?: $username;
- $user->api_token = Str::random(60);
+ $user->api_token = $this->generateApiToken();
 $user->setDefaultRole();
@@ -914,6 +914,21 @@ public static function createFromUsername(string $username): User
 return $user;
 }
+ /**
+ * Generate an API token
+ *
+ * @return string
+ */
+ public function generateApiToken(): string
+ {
+ return sprintf(
+ '%s%s%s',
+ config('module.users.token_prefix', ''),
+ $tokenEntropy = Str::random(52),
+ hash('crc32b', $tokenEntropy)
+ );
+ }
+
 /**
 * Get user avatar
 *
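Review bot: In the first User.php hunk, `$this->generateApiToken()` is called inside `public static function createFromUsername()`, where no `$this` exists, so PHP raises "Using $this when not in object context" the first time this path runs. Every other call site in this commit uses the local model, and the same works here: `$user->api_token = $user->generateApiToken();`. Because `generateApiToken()` reads no instance state, declaring it `static` is an alternative that keeps the instance calls elsewhere working. The body of `createFromUsername()` starts before this hunk, so this assumes `$user` is the `User` being built, as the surrounding lines suggest.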
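Review bot: The docblock on `generateApiToken()` says only "Generate an API token" and leaves the new format undocumented: the configured prefix, 52 random characters, then the 8 hex digits of `hash('crc32b', …)` over those characters. It should state that the CRC32 suffix is a non-secret checksum for recognising a well-formed token; it adds no entropy and proves nothing about authenticity, so only the 52 random characters are secret. With the default empty `module.users.token_prefix` the result is 60 characters, the same length as the old `Str::random(60)`, but any non-empty prefix makes it longer; the width of the `api_token` column is not visible here and should be checked against the longest prefix you intend to allow. The inline assignment `$tokenEntropy = Str::random(52)` inside the `sprintf()` argument list depends on left-to-right argument evaluation; assigning it on its own line first is clearer.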