diff --git a/app/admin.py b/app/admin.py
index 950a46f..1be9dd7 100644
--- a/app/admin.py
+++ b/app/admin.py
@@ -71,8 +71,8 @@ class EnvCredentialProvider(Provider):
         expire_seconds: int = 3600,
         template: str = "providers/login/login.html",
     ) -> None:
-        self.username = username
-        self.password = password
+        self._username = username
+        self._password = password
         self.login_path = login_path
         self.logout_path = logout_path
         self.login_title = login_title
@@ -107,8 +107,8 @@ class EnvCredentialProvider(Provider):
         remember_me: Optional[str] = Form(None),
     ):
         if not (
-            secrets.compare_digest(username, self.username)
-            and secrets.compare_digest(password, self.password)
+            secrets.compare_digest(username, self._username)
+            and secrets.compare_digest(password, self._password)
         ):
             return templates.TemplateResponse(
                 self.template,
@@ -137,7 +137,7 @@ class EnvCredentialProvider(Provider):
             path=request.app.admin_path,
             httponly=True,
         )
-        await request.app.redis.set(constants.LOGIN_USER.format(token=token), self.username, ex=expire)
+        await request.app.redis.set(constants.LOGIN_USER.format(token=token), self._username, ex=expire)
         return response
 
     async def authenticate(self, request: Request, call_next: RequestResponseEndpoint):
@@ -185,7 +185,7 @@ class EnvCredentialProvider(Provider):
         resources=Depends(get_resources),
     ):
         _ = admin
-        if not secrets.compare_digest(old_password, self.password):
+        if not secrets.compare_digest(old_password, self._password):
             return templates.TemplateResponse(
                 "providers/login/password.html",
                 context={