diff --git a/.github/scripts/.bash_history b/.github/scripts/.bash_history
index 883f66e01..9b4383608 100644
--- a/.github/scripts/.bash_history
+++ b/.github/scripts/.bash_history
@@ -347,7 +347,7 @@ rm -rf jdk-18_linux-x64_bin.deb
 git rebase -i main
 git rebase -i master
 git stash
-export tempPassword="ZQWsn/dZZvKgnzy/EW9pIw68cluybu1SgKTHIBWbMxg="
+export tempPassword="1f94QXGi8zGUNiT91bconrnPLl44bCY59Y8itGyN6Yg="
 mvn run tempPassword
 k6
 npx k6
diff --git a/src/main/java/org/owasp/wrongsecrets/SecurityConfig.java b/src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
index 4cbf0b290..e9582e7a5 100644
--- a/src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
+++ b/src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
@@ -51,7 +51,7 @@ private void configureCsrf(HttpSecurity http) throws Exception {
     http.csrf(
         csrf ->
             csrf.ignoringRequestMatchers(
-                "/canaries/tokencallback", "/canaries/tokencallbackdebug"));
+                "/canaries/tokencallback", "/canaries/tokencallbackdebug", "/token"));
   }
 
   private void configureBasicAuthentication(HttpSecurity http, List<BasicAuthentication> auths)