diff --git a/jupyterhub/orm.py b/jupyterhub/orm.py
index 7f330870..32ff0a91 100644
--- a/jupyterhub/orm.py
+++ b/jupyterhub/orm.py
@@ -243,7 +243,7 @@ class Hashed(object):
     # values to use for internally generated tokens,
     # which have good entropy as UUIDs
     generated = True
-    generated_salt_bytes = b''
+    generated_salt_bytes = 8
     generated_rounds = 1
 
     @property
diff --git a/jupyterhub/tests/test_orm.py b/jupyterhub/tests/test_orm.py
index 6223ca5c..1e7e7395 100644
--- a/jupyterhub/tests/test_orm.py
+++ b/jupyterhub/tests/test_orm.py
@@ -67,7 +67,10 @@ def test_tokens(db):
     assert found.match(token)
     assert found.user is user
     assert found.service is None
-    assert found.hashed.startswith('%s:1::' % orm.APIToken.algorithm)
+    algo, rounds, salt, checksum = found.hashed.split(':')
+    assert algo == orm.APIToken.algorithm
+    assert rounds == '1'
+    assert len(salt) == orm.APIToken.generated_salt_bytes * 2
 
     found = orm.APIToken.find(db, 'something else')
     assert found is None