diff --git a/src/messenger/webim/operator/restore.php b/src/messenger/webim/operator/restore.php
index 01be3df8..a4ebbf6e 100644
--- a/src/messenger/webim/operator/restore.php
+++ b/src/messenger/webim/operator/restore.php
@@ -38,7 +38,8 @@ if (isset($_POST['loginoremail'])) {
 	}
 
 	if (count($errors) == 0) {
-		$token = md5((time() + microtime()) . rand(0, 99999999));
+
+		$token = sha1($torestore['vclogin'] . (function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(32) : (time() + microtime()) . mt_rand(0, 99999999)));
 
 		$link = connect();
 		$query = sprintf("update ${mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '%s' where operatorid = %s", mysql_real_escape_string($token, $link), intval($torestore['operatorid']));