diff --git a/app/models.py b/app/models.py
index 392bcc84..87f8c930 100644
--- a/app/models.py
+++ b/app/models.py
@@ -30,6 +30,7 @@ from app.errors import AliasInTrashError
 from app.extensions import db
 from app.log import LOG
 from app.oauth_models import Scope
+from app.pw_models import PasswordOracle
 from app.utils import (
     convert_to_id,
     random_string,
@@ -183,14 +184,10 @@ class Fido(db.Model, ModelMixin):
     sign_count = db.Column(db.Integer(), nullable=False)
     name = db.Column(db.String(128), nullable=False, unique=False)
 
-
-class User(db.Model, ModelMixin, UserMixin):
+class User(db.Model, ModelMixin, UserMixin, PasswordOracle):
     __tablename__ = "users"
     email = db.Column(db.String(256), unique=True, nullable=False)
-    salt = db.Column(db.String(128), nullable=True)
-    password = db.Column(db.String(128), nullable=True)
-
     name = db.Column(db.String(128), nullable=True)
     is_admin = db.Column(db.Boolean, nullable=False, default=False)
     alias_generator = db.Column(
@@ -522,18 +519,6 @@ class User(db.Model, ModelMixin, UserMixin):
         else:
             return Alias.filter_by(user_id=self.id).count() < MAX_NB_EMAIL_FREE_PLAN
 
-    def set_password(self, password):
-        salt = bcrypt.gensalt()
-        password_hash = bcrypt.hashpw(password.encode(), salt).decode()
-        self.salt = salt.decode()
-        self.password = password_hash
-
-    def check_password(self, password) -> bool:
-        if not self.password:
-            return False
-        password_hash = bcrypt.hashpw(password.encode(), self.salt.encode())
-        return self.password.encode() == password_hash
-
     def profile_picture_url(self):
         if self.profile_picture_id:
             return self.profile_picture.get_url()
diff --git a/app/pw_models.py b/app/pw_models.py
new file mode 100644
index 00000000..a728cba1
--- /dev/null
+++ b/app/pw_models.py
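Review bot: With `set_password`/`check_password` moved out of `User` in the third hunk, the `bcrypt` import in app/models.py is presumably now unused; the import block is outside the first hunk so I cannot confirm it here, but if nothing else in models.py calls bcrypt it should be dropped in the same commit so the password code lives in exactly one place. On the second hunk, `PasswordOracle` is appended last to `User`'s bases and contributes both columns and methods, so it behaves as a mixin; a name such as `PasswordMixin` would say that, whereas "oracle" in security code usually denotes something that leaks information to a caller. The `User` class body continues well past the end of the hunk.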
@@ -0,0 +1,20 @@
+import bcrypt
+
+from app.extensions import db
+
+
+class PasswordOracle:
+    salt = db.Column(db.String(128), nullable=True)
+    password = db.Column(db.String(128), nullable=True)
+
+    def set_password(self, password):
+        salt = bcrypt.gensalt()
+        password_hash = bcrypt.hashpw(password.encode(), salt).decode()
+        self.salt = salt.decode()
+        self.password = password_hash
+
+    def check_password(self, password) -> bool:
+        if not self.password:
+            return False
+        password_hash = bcrypt.hashpw(password.encode(), self.salt.encode())
+        return self.password.encode() == password_hash
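Review bot: `check_password` recomputes the hash from a separately stored `salt` and compares with `==`, which is a non-constant-time comparison and also raises AttributeError when `salt` is NULL while `password` is set (both columns are `nullable=True`); bcrypt already embeds the salt in the hash string, so the last two lines of the method can become `return bcrypt.checkpw(password.encode(), self.password.encode())`, which verifies in constant time and makes the `salt` column redundant for verification (it can stay for compatibility with existing rows). `set_password` and the class also lack documentation: a class docstring saying this is a mixin that adds bcrypt-hashed `salt`/`password` columns plus the two methods, and a note on `set_password` that bcrypt only considers the first 72 bytes of the input, so longer passwords are silently truncated, would tell callers what they are getting. Consider also documenting that `check_password` returns `False` for accounts with no password set rather than raising.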