diff --git a/api/routes/authenticate.js b/api/routes/authenticate.js
index c2d59e7..ef0c2a1 100644
--- a/api/routes/authenticate.js
+++ b/api/routes/authenticate.js
@@ -47,7 +47,7 @@ let authCheck = (username, password, res) => {
   AppUserModel.findOne({username: username.toLowerCase()}).populate('squad').exec((err, user) => {
     if (err) deferred.reject(err.name + ': ' + err.message);
 
-    const diff = 7 * 60 * 24; // time till expiration [minutes]
+    const diff = 28 * 60 * 24; // time till expiration [minutes]
 
     if (user && !user.activated) {
       res.status(codes.unauthorized).send('Account is not yet activated');