diff --git a/plugin.rb b/plugin.rb
index 5e07a93..465f1e1 100644
--- a/plugin.rb
+++ b/plugin.rb
@@ -4,7 +4,7 @@
 # name: discourse-md5_authentication
 # about: A plugin to authenticate users with MD5 passwords from legacy systems
-# version: 0.9.5
+# version: 0.9.6
 # authors: saint
 # url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
@@ -38,15 +38,20 @@ after_initialize do
 # Check for MD5 password in custom field
 if custom_password_md5.present?
- Rails.logger.debug "MD6 password is present. custom_password_md5: #{custom_password_md5}, password: #{password}"
+ Rails.logger.debug "MD5 password is present. custom_password_md5: #{custom_password_md5}, password: #{password}"
 # Extract the salt from the legacy hash
 parts = custom_password_md5.split('$')
- Rails.logger.debug "MD7"
- salt = parts[2][0, 8]
- Rails.logger.debug "MD8"
+ Rails.logger.debug "Split parts: #{parts.inspect}"
+
+ if parts.length >= 3
+ salt = parts[2][0, 8]
+ else
+ Rails.logger.debug "Invalid MD5 format for custom_password_md5: #{custom_password_md5}"
+ return invalid_credentials
+ end
+
 magic = "$GT$"
- Rails.logger.debug "MD9"
 Rails.logger.debug "MD5 magic: #{magic}, salt: #{salt}"
 # Create initial MD5 context
@@ -60,7 +65,7 @@ after_initialize do
 final.update(password)
 final.update(salt)
 final.update(password)
- final_digest = final.digest
+ final_digest = final.digest.dup # Ensure final_digest is not frozen
 # Perform password length operations
 password_length = password.length
@@ -79,7 +84,7 @@ after_initialize do
 password_length >>= 1
 end
- final_digest = ctx.digest
+ final_digest = ctx.digest.dup # Ensure final_digest is not frozen
 Rails.logger.debug "MD5 final_digest after initial operations: #{final_digest}"
 # Perform 1000 iterations of MD5 hashing
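Review bot: The corrected debug line in the `@@ -38,15 +38,20 @@` hunk still interpolates the plaintext `password` and the stored `custom_password_md5` into the log, and the two added messages (`Split parts: #{parts.inspect}` and `Invalid MD5 format for custom_password_md5: ...`) write the legacy hash out again. Anyone who can read the application log while debug level is enabled would get user passwords and salted-MD5 hashes, so these lines should carry only non-secret facts, for example `Rails.logger.debug "Legacy MD5 hash present, #{parts.length} segments"` and `Rails.logger.warn "Legacy MD5 hash has unexpected format"`. The malformed-hash case is also worth logging above debug level so that it is visible in production. The enclosing method starts and ends outside the hunk, so whether `return invalid_credentials` is valid at this point cannot be confirmed from here.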
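Review bot: The `# Ensure final_digest is not frozen` comment added in the `@@ -60,7 +65,7 @@` hunk, and repeated in the `@@ -79,7` and `@@ -88,16` hunks, does not say which operation raised the frozen-string error, so a later reader cannot tell which copies are needed. As far as I can tell `digest` already returns a new string on each call, and `ctx1.update(final_digest.dup)` only reads its argument, so the copies passed to `update` look redundant. If an in-place change to `final_digest` happens in the conversion step outside these hunks, I would keep a single `.dup` at that point with a comment such as `# copy before in-place byte reordering below` and drop the others.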
@@ -88,16 +93,16 @@ after_initialize do
 if i & 1 != 0
 ctx1.update(password)
 else
- ctx1.update(final_digest)
+ ctx1.update(final_digest.dup) # Ensure final_digest is not frozen
 end
 ctx1.update(salt) if i % 3 != 0
 ctx1.update(password) if i % 7 != 0
 if i & 1 != 0
- ctx1.update(final_digest)
+ ctx1.update(final_digest.dup) # Ensure final_digest is not frozen
 else
 ctx1.update(password)
 end
- final_digest = ctx1.digest
+ final_digest = ctx1.digest.dup # Ensure final_digest is not frozen
 end
 # Convert final digest to the hashed password format