diff --git a/src/server.py b/src/server.py
index 7122b01..b6feed4 100644
--- a/src/server.py
+++ b/src/server.py
@@ -31,11 +31,19 @@ USERNAME = os.getenv("WEB_USERNAME", os.urandom(32).hex())
 PASSWORD = os.getenv("WEB_PASSWORD", os.urandom(32).hex())
 
 
+accounts = {
+    USERNAME: PASSWORD
+}
+if os.path.exists("./web-accounts.json"):
+    with open("./web-accounts.json") as f:
+        accounts.update(json.load(f))
+
+
 def check_credentials(credentials: HTTPBasicCredentials = Depends(security)):
     err = HTTPException(status_code=401, detail="Unauthorized")
-    if credentials.username != USERNAME:
+    if credentials.username not in accounts:
         raise err
-    if not secrets.compare_digest(credentials.password, PASSWORD):
+    if not secrets.compare_digest(credentials.password, accounts[credentials.username]):
         raise err
     return credentials