diff --git a/challenge/docker-entrypoint.d/39_start_gui.sh b/challenge/docker-entrypoint.d/39_start_gui.sh
index c830c86c6..9e217253f 100755
--- a/challenge/docker-entrypoint.d/39_start_gui.sh
+++ b/challenge/docker-entrypoint.d/39_start_gui.sh
@@ -2,7 +2,7 @@
 mkdir -p /tmp/.dojo/vnc /home/hacker/.vnc
-container_id="$(cat /proc/1/cgroup | tail -n 1 | awk -F '/' '{print $NF}')"
+container_id="$(cat /.secret)"
 password_interact="$(printf 'desktop-interact' | openssl dgst -sha256 -hmac "$container_id" | awk '{print $2}' | head -c 8)"
 password_view="$(printf 'desktop-view' | openssl dgst -sha256 -hmac "$container_id" | awk '{print $2}' | head -c 8)"
 printf '%s\n%s\n' "$password_interact" "$password_view" | tigervncpasswd -f > /tmp/.dojo/vnc/passwd
diff --git a/dojo_plugin/api/v1/docker.py b/dojo_plugin/api/v1/docker.py
index 088f90455..8f9d6cdf6 100644
--- a/dojo_plugin/api/v1/docker.py
+++ b/dojo_plugin/api/v1/docker.py
@@ -89,6 +89,7 @@ def start_container(user, dojo_challenge, practice):
 "dojo.challenge_description": dojo_challenge.description,
 "dojo.user_id": str(user.id),
 "dojo.mode": "privileged" if practice else "standard",
+ "dojo.secret": os.urandom(32).hex(),
 },
 mounts=[
 docker.types.Mount(
@@ -175,6 +176,9 @@ def insert_challenge(user, dojo_challenge):
 def insert_flag(flag):
 exec_run(f"echo 'pwn.college{{{flag}}}' > /flag", shell=True)
+ def insert_secret(secret):
+ exec_run(f"echo '{secret}' > /.secret", shell=True)
+
 def initialize_container():
 exec_run(
 """
@@ -210,6 +214,9 @@ def initialize_container():
 flag = "practice" if practice else serialize_user_flag(user.id, dojo_challenge.challenge_id)
 insert_flag(flag)
+ secret = container.labels["dojo.secret"]
+ insert_secret(secret)
+
 initialize_container()
diff --git a/dojo_plugin/pages/workspace.py b/dojo_plugin/pages/workspace.py
index 2ac75b4d4..ca4ce1bad 100644
--- a/dojo_plugin/pages/workspace.py
+++ b/dojo_plugin/pages/workspace.py
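Review bot: The new `container_id="$(cat /.secret)"` line in 39_start_gui.sh has no guard for a missing or empty `/.secret`; in that case the variable is empty and both VNC passwords are derived from an HMAC with an empty key, which is a fixed, predictable value. The file is written by `insert_secret` through `exec_run`, and whether that always happens before this entrypoint script runs is not visible in the diff, so the script should fail closed, e.g. `[ -s /.secret ] || { echo 'missing /.secret' >&2; exit 1; }` ahead of the assignment. The variable also no longer holds a container id; renaming it to something like `secret` would stop a later reader from treating it as a public value.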
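Review bot: Storing the HMAC key in the `dojo.secret` container label (the added line in the `-89,6 +89,7` hunk) makes it readable to anything that can inspect the container through the Docker API, and container labels are commonly copied into logs and metrics by monitoring agents. Since this value now protects the workspace passwords, mark it as sensitive where it is set, e.g. `# secret HMAC key for per-container passwords; labels show up in docker inspect, keep them out of logs and metrics`. The enclosing `start_container` call starts and ends outside the hunk, so whether other code enumerates or exports these labels cannot be judged from here.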
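Review bot: `insert_secret` (hunk `-175,6 +176,9`) creates `/.secret` with whatever mode the exec'd shell's umask gives it, and nothing in the diff sets its ownership or permissions. If only the entrypoint needs the key, restrict the file as it is written, e.g. `exec_run(f"umask 077; echo '{secret}' > /.secret", shell=True)`; if the workspace user is meant to read it, a comment saying so would make that a recorded decision. The f-string interpolation into a `shell=True` command is safe only because the value is the hex string produced in `start_container`, so a one-line comment stating that assumption, or a hex-only check before the call, would keep it true after later edits. `insert_challenge` begins and ends outside the hunk.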
@@ -20,7 +20,7 @@ def container_password(container, *args):
- key = container.id.encode()
+ key = container.labels["dojo.secret"].encode()
 message = "-".join(args).encode()
 return hmac.HMAC(key, message, "sha256").hexdigest()
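Review bot: `container.labels["dojo.secret"]` raises `KeyError` for any container that was started before this change and so carries no `dojo.secret` label, which means `container_password` would fail for workspaces still running across the deploy. Handle the missing label explicitly, for example `key = container.labels.get("dojo.secret")` followed by a clear error asking for the container to be restarted, and do not fall back to `container.id`, since replacing that key is the purpose of the commit. A short docstring stating that the key is the per-container random secret and must match the contents of `/.secret` read by `39_start_gui.sh` would document the coupling between the two files.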