diff --git a/monkey/monkey_island/cc/resources/auth/auth.py b/monkey/monkey_island/cc/resources/auth/auth.py
index 453a45027..91abb9752 100644
--- a/monkey/monkey_island/cc/resources/auth/auth.py
+++ b/monkey/monkey_island/cc/resources/auth/auth.py
@@ -7,11 +7,7 @@ from flask import make_response, request
 from flask_jwt_extended.exceptions import JWTExtendedException
 from jwt import PyJWTError
 
-import monkey_island.cc.environment.environment_singleton as env_singleton
-from monkey_island.cc.resources.auth.credential_utils import (
-    get_username_password_from_request,
-    password_matches_hash,
-)
+from monkey_island.cc.resources.auth.credential_utils import get_username_password_from_request
 from monkey_island.cc.services.authentication import AuthenticationService
 
 logger = logging.getLogger(__name__)
@@ -41,21 +37,11 @@ class Authenticate(flask_restful.Resource):
         """
         username, password = get_username_password_from_request(request)
 
-        if _credentials_match_registered_user(username, password):
-            AuthenticationService.unlock_datastore_encryptor(username, password)
+        if AuthenticationService.authenticate(username, password):
             access_token = _create_access_token(username)
             return make_response({"access_token": access_token, "error": ""}, 200)
-        else:
-            return make_response({"error": "Invalid credentials"}, 401)
 
-
-def _credentials_match_registered_user(username: str, password: str) -> bool:
-    registered_user = env_singleton.env.get_user()
-
-    if not registered_user:
-        return False
-
-    return (registered_user.username == username) and password_matches_hash(password, registered_user.password_hash)
+        return make_response({"error": "Invalid credentials"}, 401)
 
 
 def _create_access_token(username):
diff --git a/monkey/monkey_island/cc/services/authentication.py b/monkey/monkey_island/cc/services/authentication.py
index fe3542f51..de3458b3e 100644
--- a/monkey/monkey_island/cc/services/authentication.py
+++ b/monkey/monkey_island/cc/services/authentication.py
@@ -2,6 +2,7 @@ import bcrypt
 
 import monkey_island.cc.environment.environment_singleton as env_singleton
 from monkey_island.cc.environment.user_creds import UserCreds
+from monkey_island.cc.resources.auth.credential_utils import password_matches_hash
 from monkey_island.cc.server_utils.encryption import (
     reset_datastore_encryptor,
     unlock_datastore_encryptor,
@@ -19,8 +20,8 @@ class AuthenticationService:
     def initialize(cls, key_file_directory):
         cls.KEY_FILE_DIRECTORY = key_file_directory
 
-    @classmethod
-    def needs_registration(cls) -> bool:
+    @staticmethod
+    def needs_registration() -> bool:
         return env_singleton.env.needs_registration()
 
     @classmethod
@@ -30,6 +31,14 @@ class AuthenticationService:
         AuthenticationService.reset_datastore_encryptor(username, password)
         reset_database()
 
+    @classmethod
+    def authenticate(cls, username: str, password: str) -> bool:
+        if _credentials_match_registered_user(username, password):
+            AuthenticationService.unlock_datastore_encryptor(username, password)
+            return True
+
+        return False
+
     @staticmethod
     def unlock_datastore_encryptor(username: str, password: str):
         secret = AuthenticationService._get_secret_from_credentials(username, password)
@@ -50,3 +59,14 @@ def _hash_password(plaintext_password):
     password_hash = bcrypt.hashpw(plaintext_password.encode("utf-8"), salt)
 
     return password_hash.decode()
+
+
+def _credentials_match_registered_user(username: str, password: str) -> bool:
+    registered_user = env_singleton.env.get_user()
+
+    if not registered_user:
+        return False
+
+    return (registered_user.username == username) and password_matches_hash(
+        password, registered_user.password_hash
+    )