diff --git a/include/class.auth.php b/include/class.auth.php
index 054ccd9417112d2a5b4921ceea3d8680886554d4..47772206e5f7a6b3b7cfd27d51e5c3dd38663840 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -97,7 +97,7 @@ abstract class AuthenticationBackend {
         foreach (static::allRegistered() as $bk) {
             if ($backends //Allowed backends
                     && $bk->supportsAuthentication()
-                    && in_array($bk::$id, $backends))
+                    && !in_array($bk::$id, $backends))
                 // User cannot be authenticated against this backend
                 continue;
 
diff --git a/include/class.client.php b/include/class.client.php
index 3f2f3be9e1ad2e166caf5cb4add2c41462ebfd96..001c94123728d71f6424d845e75a0dcca760ef2f 100644
--- a/include/class.client.php
+++ b/include/class.client.php
@@ -15,7 +15,7 @@
 **********************************************************************/
 abstract class TicketUser {
 
-    static private $token_regex = '/^(?P<type>\w{1})(?P<id>\d+)t(?P<tid>\d+)x(?P<algo>\d+)h(?P<hash>.*)$/i';
+    static private $token_regex = '/^(?P<type>\w{1})(?P<algo>\d+)x(?P<hash>.*)$/i';
 
     protected  $user;
 
@@ -44,26 +44,23 @@ abstract class TicketUser {
 
     }
 
-    protected function getAuthToken($type=1) {
+    protected function getAuthToken($algo=1) {
 
-        //Format: // c<id>x<algo id used>h<hash for algo>
-        $authtoken = '';
-        switch($type) {
+        //Format: // <user type><algo id used>x<pack of uid & tid><hash of the algo>
+        $authtoken = sprintf('%s%dx%s',
+                ($this->isOwner() ? 'o' : 'c'),
+                $algo,
+                base64_encode(pack('VV',$this->getId(), $this->getTicketId())));
+
+        switch($algo) {
             case 1:
-                $authtoken = sprintf('%s%dt%dx%dh%s',
-                        ($this->isOwner() ? 'o' : 'c'),
-                        $this->getId(),
-                        $this->getTicketId(),
-                        $type,
-                        substr(base64_encode(md5($this->getId().$this->getTicket()->getCreateDate().$this->getTicketId().SECRET_SALT,
-                                    true)), 16));
+                $authtoken .= substr(base64_encode(
+                            md5($this->getId().$this->getTicket()->getCreateDate().$this->getTicketId().SECRET_SALT, true)), 8);
                 break;
+            default:
+                return null;
         }
 
-        //TODO: Throw an exception
-        if (!$authtoken)
-            return false;
-
         return $authtoken;
     }
 
@@ -74,17 +71,20 @@ abstract class TicketUser {
         if (!preg_match(static::$token_regex, $token, $matches))
             return null;
 
+        //Unpack the user and ticket ids
+        $matches +=unpack('Vuid/Vtid', base64_decode(substr($matches['hash'], 0, 12)));
+
         $user = null;
         switch ($matches['type']) {
             case 'c': //Collaborator c
-                if (($user = Collaborator::lookup($matches['id']))
+                if (($user = Collaborator::lookup($matches['uid']))
                         && $user->getTicketId() != $matches['tid'])
                     $user = null;
                 break;
             case 'o': //Ticket owner
                 if (($ticket = Ticket::lookup($matches['tid']))) {
                     if (($user = $ticket->getOwner())
-                            && $user->getId() != $matches['id'])
+                            && $user->getId() != $matches['uid'])
                         $user = null;
                 }
                 break;
@@ -95,8 +95,6 @@ abstract class TicketUser {
                 || strcasecmp($user->getAuthToken($matches['algo']), $token))
             return false;
 
-        var_dump($user);
-
         return $user;
     }