diff --git a/includes/signin.php b/includes/signin.php
index c14cbd86e16fe9b8c27097db58f50d45dbc37b73..1f529feefd6fafa7b898ab04d8eed34e31156615 100644
--- a/includes/signin.php
+++ b/includes/signin.php
@@ -3,23 +3,21 @@ session_start();
 if(isset($_POST['signin']))
 {
 $email=$_POST['email'];
-$password=md5($_POST['password']);
-$sql ="SELECT EmailId,Password FROM tblusers WHERE EmailId=:email and Password=:password";
-$query= $dbh -> prepare($sql);
-$query-> bindParam(':email', $email, PDO::PARAM_STR);
-$query-> bindParam(':password', $password, PDO::PARAM_STR);
-$query-> execute();
-$results=$query->fetchAll(PDO::FETCH_OBJ);
-if($query->rowCount() > 0)
-{
-$_SESSION['login']=$_POST['email'];
-echo "<script type='text/javascript'> document.location = 'package-list.php'; </script>";
-} else{
-	
-	echo "<script>alert('Invalid Details');</script>";
+$password = $_POST['password'];
+$sql = "SELECT EmailId, Password FROM tblusers WHERE EmailId=:email";
+$query = $dbh->prepare($sql);
+$query->bindParam(':email', $email, PDO::PARAM_STR);
+$query->execute();
+$result = $query->fetch(PDO::FETCH_ASSOC);
 
+if ($result && password_verify($password, $result['Password'])) {
+    $_SESSION['login'] = $email;
+    echo "<script type='text/javascript'> document.location = 'package-list.php'; </script>";
+} else {
+    echo "<script>alert('Invalid Details');</script>";
 }
 
+
 }
 
 ?>