diff --git a/Foxnouns.Backend/Services/Auth/AuthService.cs b/Foxnouns.Backend/Services/Auth/AuthService.cs
index 89248cd..f8c2428 100644
--- a/Foxnouns.Backend/Services/Auth/AuthService.cs
+++ b/Foxnouns.Backend/Services/Auth/AuthService.cs
@@ -358,7 +358,7 @@ public class AuthService(
 private static (string, byte[]) GenerateToken()
 {
- string token = AuthUtils.RandomToken();
+ string token = AuthUtils.RandomUrlUnsafeToken();
 byte[] hash = SHA512.HashData(Convert.FromBase64String(token));
 return (token, hash);
diff --git a/Foxnouns.Backend/Utils/AuthUtils.cs b/Foxnouns.Backend/Utils/AuthUtils.cs
index 8a35cdc..5ebd745 100644
--- a/Foxnouns.Backend/Utils/AuthUtils.cs
+++ b/Foxnouns.Backend/Utils/AuthUtils.cs
@@ -130,10 +130,11 @@ public static class AuthUtils
 return TryFromBase64String(input, out rawToken);
 }
+ public static string RandomUrlUnsafeToken(int bytes = 48) =>
+ Convert.ToBase64String(RandomNumberGenerator.GetBytes(bytes)).Trim('=');
+
 public static string RandomToken(int bytes = 48) =>
- Convert
- .ToBase64String(RandomNumberGenerator.GetBytes(bytes))
- .Trim('=')
+ RandomUrlUnsafeToken()
 // Make the token URL-safe
 .Replace('+', '-')
 .Replace('/', '_');
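Review bot: In `GenerateToken` (AuthService.cs), the `Convert.FromBase64String(token)` round trip only succeeds because the default of 48 bytes encodes to 64 base64 characters with no `=` padding. `RandomUrlUnsafeToken` strips padding, so a length that is not a multiple of 3 would make this decode throw `FormatException`. Pin that assumption with a comment above the hash line, such as `// 48 bytes -> 64 base64 chars, no padding, so the decode below cannot fail`, or hash the raw random bytes before encoding so the stored hash never depends on re-parsing the string. The closing brace of `GenerateToken` is outside the hunk.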
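Review bot: In AuthUtils.cs, `RandomToken(int bytes = 48)` now ignores its `bytes` parameter, because the new body calls `RandomUrlUnsafeToken()` with no argument where the removed lines used `RandomNumberGenerator.GetBytes(bytes)`. Any caller that asks for a different length silently gets a 48-byte token, which changes the entropy and size it requested without any error. Pass the parameter through: `RandomUrlUnsafeToken(bytes)`. A short XML doc on `RandomUrlUnsafeToken` would also help, stating that it returns standard-alphabet base64 with padding stripped and therefore decodes with `Convert.FromBase64String` only when `bytes` is a multiple of 3.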