diff --git a/houdini.sql b/houdini.sql
index 3990a97..e5ab49d 100644
--- a/houdini.sql
+++ b/houdini.sql
@@ -1058,7 +1058,7 @@ CREATE TABLE login (
   id SERIAL,
   penguin_id INT NOT NULL,
   date TIMESTAMP NOT NULL,
-  ip_address CHAR(255) NOT NULL,
+  ip_hash CHAR(128) NOT NULL,
   minutes_played INT NOT NULL DEFAULT 0,
   PRIMARY KEY (id),
   CONSTRAINT login_ibfk_1 FOREIGN KEY (penguin_id) REFERENCES penguin (id) ON DELETE RESTRICT ON UPDATE CASCADE
@@ -1071,7 +1071,7 @@ COMMENT ON TABLE login IS 'Penguin login records';
 COMMENT ON COLUMN login.id IS 'Unique login ID';
 COMMENT ON COLUMN login.penguin_id IS 'Login penguin ID';
 COMMENT ON COLUMN login.date IS 'Login date';
-COMMENT ON COLUMN login.ip_address IS 'Connection IP address';
+COMMENT ON COLUMN login.ip_hash IS 'Connection IP address';
 COMMENT ON COLUMN login.minutes_played IS 'Minutes played for session';
 
 DROP TABLE IF EXISTS penguin_postcard;
diff --git a/houdini/data/penguin.py b/houdini/data/penguin.py
index fe1f1c2..fada88b 100644
--- a/houdini/data/penguin.py
+++ b/houdini/data/penguin.py
@@ -156,7 +156,7 @@ class Login(db.Model):
     id = db.Column(db.Integer, primary_key=True, server_default=db.text("nextval('\"login_id_seq\"'::regclass)"))
     penguin_id = db.Column(db.ForeignKey('penguin.id', ondelete='CASCADE', onupdate='CASCADE'), nullable=False)
     date = db.Column(db.DateTime, nullable=False, server_default=db.text("now()"))
-    ip_address = db.Column(db.CHAR(255), nullable=False)
+    ip_hash = db.Column(db.CHAR(255), nullable=False)
     minutes_played = db.Column(db.Integer, nullable=False, server_default=db.text("0"))
 
 
diff --git a/houdini/handlers/play/navigation.py b/houdini/handlers/play/navigation.py
index 477fe0f..35994e4 100644
--- a/houdini/handlers/play/navigation.py
+++ b/houdini/handlers/play/navigation.py
@@ -9,6 +9,7 @@ from houdini.constants import ClientType, StatusField
 import random
 import time
 import pytz
+import hashlib
 from datetime import date, datetime
 
 
@@ -139,9 +140,12 @@ async def handle_disconnect_room(p):
     await p.room.remove_penguin(p)
 
     minutes_played = (datetime.now() - p.login_timestamp).total_seconds() / 60.0
+
+    ip = p.peer_name[0] + p.server.config.auth_key
+    hashed_ip = hashlib.sha3_512(ip.encode()).hexdigest()
     await Login.create(penguin_id=p.id,
                        date=p.login_timestamp,
-                       ip_address=p.peer_name[0],
+                       ip_hash=hashed_ip,
                        minutes_played=minutes_played)
 
     await p.update(minutes_played=p.minutes_played + minutes_played).apply()