diff --git a/doorlockd/config.h.in b/doorlockd/config.h.in
index e9d9a22..a7c905c 100644
--- a/doorlockd/config.h.in
+++ b/doorlockd/config.h.in
@@ -22,6 +22,7 @@
 #define DEFAULT_WEB_PREFIX "https://lock.binary.kitchen/"
 #define DEFAULT_LDAP_URI "ldaps://ldap1.binary.kitchen/ ldaps://ldap2.binary.kitchen/ ldaps://ldapm.binary.kitchen/"
 #define DEFAULT_BINDDN "cn=%s,ou=Users,dc=binary-kitchen,dc=de"
+#define DEFAULT_TOKEN_LENGTH 6
 #define DEFAULT_LOG_FILE "/var/log/doorlockd.log"
 #define DEFAULT_SERIAL_DEVICE "/dev/ttyAMA0"
 #define DEFAULT_SERIAL_BAUDRATE 9600UL
diff --git a/doorlockd/daemon/doorlockd.cpp b/doorlockd/daemon/doorlockd.cpp
index 619dd27..92b983b 100644
--- a/doorlockd/daemon/doorlockd.cpp
+++ b/doorlockd/daemon/doorlockd.cpp
@@ -163,6 +163,7 @@ int main(int argc, char** argv)
     std::string bindDN;
     std::string lockPagePrefix;
     std::string logfile;
+    unsigned int tokenLength;
     std::string serDev;
     unsigned int baudrate;
 
@@ -187,6 +188,9 @@ int main(int argc, char** argv)
             ("web,w",
                 po::value<std::string>(&lockPagePrefix)->default_value(DEFAULT_WEB_PREFIX),
                 "Prefix of the webpage")
+            ("tokenLength,t",
+                po::value<unsigned int>(&tokenLength)->default_value(DEFAULT_TOKEN_LENGTH),
+                "Token length")
             ("logfile,l",
                 po::value<std::string>(&logfile)->default_value(DEFAULT_LOG_FILE),
                 "Log file")
@@ -238,6 +242,7 @@ int main(int argc, char** argv)
                                                  ldapUri,
                                                  bindDN,
                                                  lockPagePrefix,
+                                                 tokenLength,
                                                  serDev,
                                                  baudrate,
                                                  onClientMessage));
diff --git a/doorlockd/lib/logic.cpp b/doorlockd/lib/logic.cpp
index f15c52c..6d019a8 100644
--- a/doorlockd/lib/logic.cpp
+++ b/doorlockd/lib/logic.cpp
@@ -9,6 +9,7 @@ Logic::Logic(const std::chrono::seconds tokenTimeout,
              const std::string &ldapUri,
              const std::string &bindDN,
              const std::string &webPrefix,
+             const unsigned int tokenLength,
              const std::string &serDev,
              const unsigned int baudrate,
              std::condition_variable &onClientUpdate) :
@@ -18,7 +19,8 @@ Logic::Logic(const std::chrono::seconds tokenTimeout,
     _onClientUpdate(onClientUpdate),
     _ldapUri(ldapUri),
     _bindDN(bindDN),
-    _webPrefix(webPrefix)
+    _webPrefix(webPrefix),
+    _tokenLength(tokenLength)
 {
     srand(time(NULL));
     _createNewToken(false);
@@ -228,7 +230,7 @@ void Logic::_createNewToken(const bool stillValid)
     _prevToken = _curToken;
     _prevValid = stillValid;
 
-    _curToken = toHexString((((uint64_t)rand())<<32) | ((uint64_t)rand()));
+    _curToken = randHexString(_tokenLength);
 
     std::ostringstream message;
     message << "New token: " << _curToken
diff --git a/doorlockd/lib/logic.h b/doorlockd/lib/logic.h
index 60c5b84..0b2fde6 100644
--- a/doorlockd/lib/logic.h
+++ b/doorlockd/lib/logic.h
@@ -27,6 +27,7 @@ public:
           const std::string &ldapUri,
           const std::string &bindDN,
           const std::string &webPrefix,
+          const unsigned int tokenLength,
           const std::string &serDev,
           const unsigned int baudrate,
           std::condition_variable &onClientUpdate);
@@ -68,9 +69,9 @@ private:
     Door _door;
 
     // The current token
-    std::string _curToken = { "0000000000000000" };
+    std::string _curToken = {};
     // The previous token
-    std::string _prevToken = { "0000000000000000" };
+    std::string _prevToken = {};
     // Indicates whether the previous token is valid
     bool _prevValid = { false };
 
@@ -96,6 +97,8 @@ private:
     const std::string _bindDN;
     // Prefix of the website
     const std::string _webPrefix;
+    // Length of the token in bytes
+    const unsigned int _tokenLength;
 };
 
 #endif
diff --git a/doorlockd/lib/util.cpp b/doorlockd/lib/util.cpp
index d9b25ce..44a5706 100644
--- a/doorlockd/lib/util.cpp
+++ b/doorlockd/lib/util.cpp
@@ -55,27 +55,11 @@ static char nibble2hex(unsigned char input)
     return input - 0xA + 'A';
 }
 
-std::string toHexString(const uint64_t c)
+std::string randHexString(unsigned int len)
 {
     std::string retval;
-
-    retval  = nibble2hex((c>>60) & 0xF);
-    retval += nibble2hex((c>>56) & 0xF);
-    retval += nibble2hex((c>>52) & 0xF);
-    retval += nibble2hex((c>>48) & 0xF);
-    retval += nibble2hex((c>>44) & 0xF);
-    retval += nibble2hex((c>>40) & 0xF);
-    retval += nibble2hex((c>>36) & 0xF);
-    retval += nibble2hex((c>>32) & 0xF);
-    retval += nibble2hex((c>>28) & 0xF);
-    retval += nibble2hex((c>>24) & 0xF);
-    retval += nibble2hex((c>>20) & 0xF);
-    retval += nibble2hex((c>>16) & 0xF);
-    retval += nibble2hex((c>>12) & 0xF);
-    retval += nibble2hex((c>> 8) & 0xF);
-    retval += nibble2hex((c>> 4) & 0xF);
-    retval += nibble2hex((c    ) & 0xF);
-
+    while (len--)
+        retval += nibble2hex(rand() & 0xF);
     return retval;
 }
 
diff --git a/doorlockd/lib/util.h b/doorlockd/lib/util.h
index 369dd8c..80eeee5 100644
--- a/doorlockd/lib/util.h
+++ b/doorlockd/lib/util.h
@@ -23,6 +23,6 @@ static T getJsonOrFail(const Json::Value &root, const std::string &key)
     return getJson<T>(root, key);
 }
 
-std::string toHexString(uint64_t c);
+std::string randHexString(unsigned int len);
 
 #endif