diff --git a/conf/etc/sudoers b/conf/etc/sudoers
index a2a069c..357e8f7 100644
--- a/conf/etc/sudoers
+++ b/conf/etc/sudoers
@@ -1,4 +1,5 @@
 Defaults env_reset
+Defaults env_keep = "clearpassword"
 Defaults mail_badpass
 Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 Defaults logfile="/var/log/sudo.log"
diff --git a/update/update.sh b/update/update.sh
index a9be3b7..5262469 100755
--- a/update/update.sh
+++ b/update/update.sh
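Review bot: The added `Defaults env_keep = "clearpassword"` uses `=`, which replaces sudo's built-in env_keep list instead of extending it; `Defaults env_keep += "clearpassword"` would keep the defaults. Because this is a global Defaults line, the cleartext password variable survives `env_reset` for every sudo rule on the host and sits in the environment of each process sudo starts. If only the update script needs it, a command-scoped entry such as `Defaults!/update.sh env_keep += "clearpassword"` would narrow the exposure; the script path here is taken from the exec call in webpanel/update.php and should be confirmed.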
@@ -1,29 +1,39 @@ #!/bin/sh +/bin/echo "Usage: clearpassword= sudo -E update.sh" +password=`/bin/cat /etc/txtpwd` +auth=`/bin/echo -n $clearpassword | /bin/sha512sum | /bin/cut -d' ' -f 1` + +if [ "$auth" != "$password" ]; then + /bin/echo "Wrong password" + exit 1 +fi + + pubkey="/pub.pem" file="/tmp/update.tgz.cc" -echo "### ccOS Update Script ###" -echo "[+] Starting" -sleep 1 -echo "[+] Extracting Signature" +/bin/echo "### ccOS Update Script ###" +/bin/echo "[+] Starting" +/usr/bin/sleep 1 +/bin/echo "[+] Extracting Signature" skip=$(expr $(stat -c '%s' $file) - 256) if [[ -L $file ]] then exit 0 fi -dd if=/tmp/update.tgz.cc of=sig bs=1 count=256 skip=$skip > /dev/null 2>&1 -truncate -s $skip update.tgz.cc -check=`openssl dgst -sha256 -verify $pubkey -signature /tmp/sig /tmp/update.tgz.cc` +/usr/bin/dd if=/tmp/update.tgz.cc of=sig bs=1 count=256 skip=$skip > /dev/null 2>&1 +/usr/bin/truncate -s $skip update.tgz.cc +check=`/usr/bin/openssl dgst -sha256 -verify $pubkey -signature /tmp/sig /tmp/update.tgz.cc` if [ "$check" == "Verified OK" ] then - echo "[+] Signature is valid!" - echo "[+] Upgrading..." - tar -xvzf /tmp/update.tgz.cc -C / - rm /tmp/update.tgz.cc /tmp/sig - echo "[+] Done" + /bin/echo "[+] Signature is valid!" + /bin/echo "[+] Upgrading..." + /usr/bin/tar -xvzf /tmp/update.tgz.cc -C / + /bin/rm /tmp/update.tgz.cc /tmp/sig + /bin/echo "[+] Done" exit 0 else - echo "[-] Signature error, exiting..." - rm /tmp/update.tgz.cc /tmp/sig + /bin/echo "[-] Signature error, exiting..." + /bin/rm /tmp/update.tgz.cc /tmp/sig exit 1 fi diff --git a/webpanel/update.php b/webpanel/update.php index 3c64ee4..f164e0f 100644 --- a/webpanel/update.php +++ b/webpanel/update.php 
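Review bot: The new `auth=` line expands `$clearpassword` unquoted and pipes it through `echo -n`, so a password containing whitespace, glob characters or backslashes may be hashed differently from what was submitted, and `echo -n` is not portable under `#!/bin/sh`. Using `auth=$(printf '%s' "$clearpassword" | /bin/sha512sum | /bin/cut -d' ' -f 1)` avoids both problems. The variable also stays exported to every child process (dd, openssl, tar), so an `unset clearpassword` right after the comparison would limit how long the cleartext is exposed. /etc/txtpwd appears to hold a single unsalted SHA-512 digest, which is cheap to brute-force if the file is ever read; a salted, slow password hash would be a safer stored form. Separately, the rewritten `dd ... of=sig` and `truncate -s $skip update.tgz.cc` lines still use relative paths while `openssl` reads `/tmp/sig` and `/tmp/update.tgz.cc`, so the verified bytes only match the extracted ones when the caller's working directory is /tmp.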
@@ -4,9 +4,9 @@ require_once("includes/config.php"); require_once("includes/header.php"); require_once("includes/nav.php"); -if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['update']['size'] > 10000000 && $_FILES['upfile']['size'] < 10000000) { +if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['update']['size'] > 10000000 && $_FILES['upfile']['size'] < 10000000 && isset($_POST['password']) && !empty($_POST['password'])) { move_uploaded_file($_FILES['file']['tmp_name'], '/tmp/update.tgz.cc'); - exec("/usr/bin/sudo /update.sh", $result); + exec("clearpassword='.escapeshellarg($_POST['password']).' /usr/bin/sudo /update.sh", $result); } ?> @@ -14,7 +14,8 @@ if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['
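Review bot: In the new `exec(...)` line the whole argument is one double-quoted string, so `'.escapeshellarg($_POST['password']).'` is literal text plus variable interpolation, not a call to `escapeshellarg()`. PHP should reject the quoted array key inside the string as a parse error, and if it were accepted in another form the raw POST value would reach the shell unescaped. The intended concatenation is `exec("clearpassword=" . escapeshellarg($_POST['password']) . " /usr/bin/sudo /update.sh", $result);`. Even then the password is part of the `sh -c` command string and may be visible in the process list, so setting it with `putenv()` before the call or passing it on stdin would expose it less. The rewritten `if` line also keeps the bare constant `POST` and tests `$_FILES['update']` and `$_FILES['upfile']` while the move uses `$_FILES['file']`, so the guard does not appear to check the file that is actually installed.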

System Update

- + +