diff --git a/olapp/core/views.py b/olapp/core/views.py
index a145d55ba527da566e7f7170874d11e717a6ed37..4289847a2d4a77ddd60bc593205e1855b5d1baef 100644
--- a/olapp/core/views.py
+++ b/olapp/core/views.py
@@ -284,7 +284,7 @@ class LoginRedirectView(View):
         token = request.GET.get("token")
 
         # get cookie max_age from token
-        payload = jwt.decode(token, verify=False)
+        payload = jwt.decode(token, algorithms=[settings.JWT_ALGORITHM], verify=False)
         max_age = payload["exp"] - time.time()
 
         response = HttpResponseRedirect(reverse("account"))
diff --git a/olapp/settings.py b/olapp/settings.py
index bf089a97fbd3dadfa9738665e2fa185c3dd45174..39953dd973f337f54d53797eb8d8acb6df0bbbac 100644
--- a/olapp/settings.py
+++ b/olapp/settings.py
@@ -114,3 +114,6 @@ OPENLOBBY_API_URL = f"{openlobby_server_dsn}/graphql"
 APP_URL = os.environ.get("APP_URL", "http://localhost:8020")
 
 ACCESS_TOKEN_COOKIE = "ol_access_token"
+
+# signature algorithm JSON Web Tokens
+JWT_ALGORITHM = "HS512"