diff --git a/fp-includes/core/core.system.php b/fp-includes/core/core.system.php
index 2ca0ac6..01f3468 100755
--- a/fp-includes/core/core.system.php
+++ b/fp-includes/core/core.system.php
@@ -59,6 +59,15 @@ function system_save($file, $array) {
 	// } else die('Wrong number of parameters!');
 }
 
+function system_hashsalt_save($force = false) {
+	global $fp_config;
+	if ($force || !file_exists(HASHSALT_FILE))
+		return system_save(HASHSALT_FILE, array(
+			'fp_hashsalt' => $fp_config ['general'] ['blogid'] . ABS_PATH . BLOG_BASEURL . mt_rand()
+		));
+	return true;
+}
+
 define('SYSTEM_VER', '1.2.dev');
 
 function system_ver() {
diff --git a/fp-includes/core/core.users.php b/fp-includes/core/core.users.php
index 74077b3..f8f0580 100755
--- a/fp-includes/core/core.users.php
+++ b/fp-includes/core/core.users.php
@@ -59,9 +59,6 @@ function user_login($userid, $pwd, $params = null) {
 		user_add($user);
 		// ... and update user data from re-read user file
 		$user = user_get($userid);
-
-		// after updating the user, we don't need the password hash file any more
-		io_delete_file(HASHSALT_FILE);
 	}
 
 	if ($loggedin) {
diff --git a/setup/lib/main.lib.php b/setup/lib/main.lib.php
index 8effc71..4d1048a 100644
--- a/setup/lib/main.lib.php
+++ b/setup/lib/main.lib.php
@@ -131,6 +131,8 @@ function validate() {
 
 	config_save();
 
+	system_hashsalt_save();
+
 	user_add($user);
 
 	return true;