diff --git a/src/main/java/org/nrg/pipeline/XnatPipelineLauncher.java b/src/main/java/org/nrg/pipeline/XnatPipelineLauncher.java
index c3d6e8fc6c0ca0b4d57ead33ea8aec964ffde91e..c912575f44b720c9d156b1c9f186a0ed0139eb9e 100644
--- a/src/main/java/org/nrg/pipeline/XnatPipelineLauncher.java
+++ b/src/main/java/org/nrg/pipeline/XnatPipelineLauncher.java
@@ -371,7 +371,7 @@ public class XnatPipelineLauncher {
         arguments.add("-u");
         arguments.add(token.getAlias());
         arguments.add("-pwd");
-        arguments.add(Long.toString(token.getSecret()));
+        arguments.add(token.getSecret());
         arguments.add("-dataType");
         arguments.add(dataType);
 
diff --git a/src/main/java/org/nrg/xnat/restlet/services/AliasTokenRestlet.java b/src/main/java/org/nrg/xnat/restlet/services/AliasTokenRestlet.java
index e73a29c357afcfa2408c6c642e294ebd2e0b435c..93920f1a6f61334231c5ee31928d4aeb8d81f490 100644
--- a/src/main/java/org/nrg/xnat/restlet/services/AliasTokenRestlet.java
+++ b/src/main/java/org/nrg/xnat/restlet/services/AliasTokenRestlet.java
@@ -47,8 +47,7 @@ public class AliasTokenRestlet extends SecureResource {
         _operation = (String) getRequest().getAttributes().get(PARAM_OPERATION);
         _username = (String) getRequest().getAttributes().get(PARAM_USERNAME);
         _token = (String) getRequest().getAttributes().get(PARAM_TOKEN);
-        final String secret = (String) getRequest().getAttributes().get(PARAM_SECRET);
-        _secret = StringUtils.isBlank(secret) ? INVALID : Long.parseLong(secret);
+        _secret = (String) getRequest().getAttributes().get(PARAM_SECRET);
 
         _serializer = XDAT.getContextService().getBean(SerializerService.class);
         if (null == _serializer) {
@@ -70,7 +69,7 @@ public class AliasTokenRestlet extends SecureResource {
                 throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "An error occurred retrieving the user: " + _username, exception);
             }
         } else if (OP_VALIDATE.equals(_operation)) {
-            if (StringUtils.isBlank(_token) || _secret == INVALID) {
+            if (StringUtils.isBlank(_token) || StringUtils.isBlank(_secret)) {
                 throw new ResourceException(Status.CLIENT_ERROR_UNAUTHORIZED, "You must specify both token and secret to validate a token.");
             }
             try {
@@ -91,7 +90,7 @@ public class AliasTokenRestlet extends SecureResource {
     private String mapToken(final AliasToken token) {
         Map<String, String> map = Maps.newHashMap();
         map.put("alias", token.getAlias());
-        map.put("secret", Long.toString(token.getSecret()));
+        map.put("secret", token.getSecret());
         String value = "";
         try {
             value = _serializer.toJson(map);
@@ -119,5 +118,5 @@ public class AliasTokenRestlet extends SecureResource {
     private       String            _operation;
     private final String            _username;
     private final String            _token;
-    private final long              _secret;
+    private final String              _secret;
 }
diff --git a/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationProvider.java b/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationProvider.java
index bb59042a51753fec0a21340be585654750b36c88..39672b61f57e608ea37b3198b06e87c7af0f9e5e 100644
--- a/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationProvider.java
+++ b/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationProvider.java
@@ -131,7 +131,7 @@ public class AliasTokenAuthenticationProvider extends AbstractUserDetailsAuthent
         Users.validateUserLogin(xdatUserDetails);
 
         String alias = ((AliasTokenAuthenticationToken) authentication).getAlias();
-        long secret = ((AliasTokenAuthenticationToken) authentication).getSecret();
+        String secret = ((AliasTokenAuthenticationToken) authentication).getSecret();
         String userId = getAliasTokenService().validateToken(alias, secret);
         if (StringUtils.isBlank(userId) || !userId.equals(userDetails.getUsername())) {
             throw new BadCredentialsException("The submitted alias token was invalid: " + alias);
diff --git a/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationToken.java b/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationToken.java
index 32c45c8eb521eeadbc439db0a4b959ada0728f6e..bcf7af96b9d071d2a1424ae00782923eb5caaa03 100644
--- a/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationToken.java
+++ b/src/main/java/org/nrg/xnat/security/alias/AliasTokenAuthenticationToken.java
@@ -18,7 +18,7 @@ public class AliasTokenAuthenticationToken extends UsernamePasswordAuthenticatio
         _principal = principal;
         _credentials = credentials;
         _alias = (String) principal;
-        _secret = (Long) credentials;
+        _secret = (String) credentials;
 	}
 
     @Override
@@ -43,7 +43,7 @@ public class AliasTokenAuthenticationToken extends UsernamePasswordAuthenticatio
         return _alias;
     }
 
-    public long getSecret() {
+    public String getSecret() {
         return _secret;
     }
 
@@ -55,5 +55,5 @@ public class AliasTokenAuthenticationToken extends UsernamePasswordAuthenticatio
     private Object _principal;
     private Object _credentials;
     private String _alias;
-    private long _secret;
+    private String _secret;
 }
diff --git a/src/main/java/org/nrg/xnat/turbine/modules/screens/InactiveAccount.java b/src/main/java/org/nrg/xnat/turbine/modules/screens/InactiveAccount.java
index 41e11d152b3b2a88a0f44bc9889ee8aa2b6e4199..f87e52952128185be8e930ceeb88a331e466a812 100644
--- a/src/main/java/org/nrg/xnat/turbine/modules/screens/InactiveAccount.java
+++ b/src/main/java/org/nrg/xnat/turbine/modules/screens/InactiveAccount.java
@@ -67,7 +67,7 @@ public class InactiveAccount extends VelocitySecureScreen {
                         String userID="";
                         try
                         {
-                            userID = XDAT.getContextService().getBean(AliasTokenService.class).validateToken(alias,Long.parseLong(secret));
+                            userID = XDAT.getContextService().getBean(AliasTokenService.class).validateToken(alias,secret);
                             if(userID!=null){
                                 user = Users.getUser(userID);
                                 boolean forcePasswordChange = true;
diff --git a/src/main/java/org/nrg/xnat/turbine/modules/screens/XDATScreen_UpdateUser.java b/src/main/java/org/nrg/xnat/turbine/modules/screens/XDATScreen_UpdateUser.java
index 185bca800e7a5ff033bb289b9fab6718ec93b2a7..c524493f5cb5c42517d7a85d86707f1601f11887 100644
--- a/src/main/java/org/nrg/xnat/turbine/modules/screens/XDATScreen_UpdateUser.java
+++ b/src/main/java/org/nrg/xnat/turbine/modules/screens/XDATScreen_UpdateUser.java
@@ -99,7 +99,7 @@ public class XDATScreen_UpdateUser extends SecureScreen {
                         {
                             context.put("forgot", true);
                             data.getSession().setAttribute("forgot", true);
-                            userID = XDAT.getContextService().getBean(AliasTokenService.class).validateToken(alias,Long.parseLong(secret));
+                            userID = XDAT.getContextService().getBean(AliasTokenService.class).validateToken(alias,secret);
                             if(userID!=null){
                                 user = Users.getUser(userID);
                                 XDAT.loginUser(data, user, true);