diff --git a/app.py b/app.py index 8dd2cc7..22984a9 100644 --- a/app.py +++ b/app.py @@ -40,10 +40,8 @@ from flask_login import ( ) from flask_compress import Compress from flask_socketio import SocketIO, emit, join_room -from werkzeug.security import generate_password_hash, check_password_hash from config import Config from PIL import Image, ExifTags, ImageFilter, ImageOps -from werkzeug.utils import secure_filename from werkzeug.middleware.proxy_fix import ProxyFix from sqlalchemy import func, extract, inspect, or_, case, text from sqlalchemy.orm import joinedload @@ -126,7 +124,6 @@ WEBP_SAVE_PARAMS = { # "quality": 95, # tylko jeśli lossless=False } - db = SQLAlchemy(app) socketio = SocketIO(app, async_mode="eventlet") login_manager = LoginManager(app) @@ -243,33 +240,14 @@ def hash_password(password): def check_password(stored_hash, password_input): - """Obsługuje zarówno hashe bcrypt (nowe), jak i stare Werkzeugowe (PBKDF2).""" pepper = app.config["BCRYPT_PEPPER"] peppered = (password_input + pepper).encode("utf-8") - - # Rozpoznaj format hasha if stored_hash.startswith("$2b$") or stored_hash.startswith("$2a$"): - # bcrypt try: return bcrypt.checkpw(peppered, stored_hash.encode("utf-8")) except Exception: return False - elif stored_hash.startswith("pbkdf2:"): - # STARY HASH! (Werkzeug) - # opcjonalnie: zrób check_password_hash, pozwól się zalogować, wymuś zmianę hasła - from werkzeug.security import check_password_hash - if check_password_hash(stored_hash, password_input): - # tu np. możesz zapisać nowe hasło w formie bcrypt! - # user.password_hash = hash_password(password_input) - # db.session.commit() - print("Użytkownik loguje się starym hasłem: wymuś zmianę na nowe!") - return True # POZWÓL JEDNORAZOWO - else: - return False - else: - # Nieznany format - return False - + return False if app.config["SQLALCHEMY_DATABASE_URI"].startswith("sqlite:///"): 
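Review bot: With the `pbkdf2:` branch removed, `check_password` now returns False for every account whose stored hash is still in the old Werkzeug format, and nothing in this commit migrates those rows, so those users are locked out instead of being rehashed on their next successful login as the deleted comment intended; failing closed on unknown formats is the right default, but the commit should either confirm that no `pbkdf2:` hashes remain in the table or keep a rehash-on-login fallback until they are gone. The `except Exception: return False` around `bcrypt.checkpw` also makes a malformed hash row indistinguishable from a wrong password; `except (ValueError, TypeError):` followed by `app.logger.warning("bcrypt check failed for a malformed stored hash")` and `return False` keeps the fail-closed behaviour while surfacing corrupt data, and if `password_hash` can be NULL the `startswith` call before the `try` will raise rather than reject. Since the docstring was dropped, restore one such as `"""Verify a password against a bcrypt hash; any non-bcrypt hash is rejected."""`. Note too that `peppered` appends the pepper after the password and bcrypt only uses the first 72 bytes, so a very long password silently loses the pepper — this presumably applies equally to `hash_password`, which starts above this hunk, so any change must be made in both places.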
@@ -1290,7 +1268,6 @@ def login(): if request.method == "POST": username_input = request.form["username"].lower() user = User.query.filter(func.lower(User.username) == username_input).first() - #if user and check_password_hash(user.password_hash, request.form["password"]): if user and check_password(user.password_hash, request.form["password"]): session.permanent = True login_user(user) @@ -1966,7 +1943,6 @@ def add_user(): flash("Użytkownik o takiej nazwie już istnieje", "warning") return redirect(url_for("list_users")) - #hashed_password = generate_password_hash(password) hashed_password = hash_password(password) new_user = User(username=username, password_hash=hashed_password) db.session.add(new_user) @@ -2005,7 +1981,6 @@ def reset_password(user_id): flash("Podaj nowe hasło", "danger") return redirect(url_for("list_users")) - #user.password_hash = generate_password_hash(new_password) user.password_hash = hash_password(new_password) db.session.commit() flash(f"Hasło dla użytkownika {user.username} zostało zaktualizowane", "success")