diff --git a/api.py b/api.py index 3832437..4498dd4 100644 --- a/api.py +++ b/api.py @@ -1,6 +1,7 @@ import json import os from threading import Lock +from uuid import uuid4 from flask import request, abort, Response, send_file, session @@ -254,7 +255,9 @@ def setup_api(app): @app.route("/cap", methods=["GET"]) def cap(): word = captcha.make_captcha() - session["cap"] = word + cap_id = uuid4() + session["cap"] = cap_id + oddb.sessionStore[cap_id] = word return send_file(captcha.get_path(word), cache_timeout=0) diff --git a/app.py b/app.py index 9c5e11b..7614e45 100644 --- a/app.py +++ b/app.py @@ -9,6 +9,7 @@ app = Flask(__name__) app.secret_key = config.FLASK_SECRET template_filters.setup_template_filters(app) + views.setup_views(app) api.setup_api(app) diff --git a/captcha.py b/captcha.py index f2227a4..7b80dcd 100644 --- a/captcha.py +++ b/captcha.py @@ -5,6 +5,7 @@ from PIL import Image, ImageDraw, ImageFont from flask import request, session import config +import common as oddb def get_code(): @@ -35,7 +36,7 @@ def verify(): request.args.get("cap") if "cap" in request.args else "" ) - if "cap" in session and session["cap"] == attempt: + if "cap" in session and session["cap"] in oddb.sessionStore and oddb.sessionStore[session["cap"]] == attempt: session["cap_remaining"] = config.CAPTCHA_EVERY return True return False diff --git a/common.py b/common.py index 92dd0fa..baa8282 100644 --- a/common.py +++ b/common.py @@ -26,6 +26,9 @@ searchEngine = ElasticSearchEngine("od-database") searchEngine.start_stats_scheduler() db = Database("db.sqlite3") +# temporary hotfix... +sessionStore = dict() + def require_role(role: str):
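Review bot: In `cap()`, every GET to `/cap` adds an entry to `oddb.sessionStore` and nothing in this diff ever removes one, so the dict grows for the life of the process and any unauthenticated client can inflate it by requesting captchas. Drop the session's previous id before issuing a new one, e.g. `oddb.sessionStore.pop(session.pop("cap", None), None)` ahead of `cap_id = uuid4()`, and give the store a size or age bound. The same concern applies to the definition added in common.py. `oddb` is not imported in the api.py hunks shown; presumably api.py already has `import common as oddb`, but that is worth confirming.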
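Review bot: The new condition in `verify()` reads the stored answer but never removes it, so a solved captcha stays valid for that session and can be submitted again, and a wrong guess can be retried against the same image. Take the entry out of the store whenever it is checked, match or not: `expected = oddb.sessionStore.pop(session.pop("cap", None), None)` followed by `if expected is not None and expected == attempt:`. This assumes the form requests `/cap` again after a failed attempt, which the diff does not show. `verify()` begins above this hunk, so how `attempt` is normalised is not visible here.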
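Review bot: `sessionStore` in common.py is a module-level dict, so it exists once per worker process and is emptied on restart. If the app runs under more than one worker, a captcha issued by one process will not be found by `verify()` in another, and correct answers will be rejected. The `# temporary hotfix...` comment does not say what the dict holds or why it is temporary; something like `# captcha id (uuid4, kept in the session) -> expected answer; in-memory, per-process, no expiry` would tell the next reader what has to be replaced. A shared store with expiry is the longer-term fix.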