diff --git a/db/migrations/stored/R__functions.sql b/db/migrations/stored/R__functions.sql
index 4df232da3f08c3493dece62ec64ad2ec9839d7fa..970c182391b9b3d285e356a48b4ee178a162b4bd 100644
--- a/db/migrations/stored/R__functions.sql
+++ b/db/migrations/stored/R__functions.sql
@@ -2240,6 +2240,7 @@ BEGIN
     RETURN ROW_COUNT()-1;
 END//
 
+-- returns NULL if failed, token otherwise
 DROP FUNCTION IF EXISTS CreateAuthToken//
 CREATE FUNCTION CreateAuthToken(
     pAccountID int(11),
@@ -2247,21 +2248,21 @@ CREATE FUNCTION CreateAuthToken(
 ) RETURNS char(40) charset ascii
 NO SQL
 BEGIN
-    DECLARE vCounter int(11) DEFAULT 666;
+    DECLARE vTries int(11) DEFAULT 13; -- number of tries to generate unique token
     DECLARE vCreated boolean DEFAULT FALSE;
     DECLARE vSeed int(11) DEFAULT FLOOR(4294967296 * RAND(CURRENT_TIMESTAMP ^ LAST_INSERT_ID() ^ (pAccountID << 10)));
     DECLARE vToken char(40) charset ascii DEFAULT SHA1(vSeed);
 
-    WHILE NOT vCreated AND vCounter > 0 DO BEGIN
+    WHILE NOT vCreated AND vTries > 0 DO BEGIN
         DECLARE CONTINUE HANDLER FOR SQLEXCEPTION SET vCreated = FALSE;
         SET vToken = SHA1(RAND());
-        INSERT INTO auth_tokens(Token, AccountID, Mask) VALUES (vToken, pAccountID, pRightMask);
-
+        SET vTries = vTries - 1;
         SET vCreated = TRUE;
-        SET vCounter = vCounter - 1;
+        
+        INSERT INTO auth_tokens(Token, AccountID, Mask) VALUES (vToken, pAccountID, pRightMask);
     END; END WHILE;
 
-    RETURN IF(vCreated, vToken, '');
+    RETURN IF(vCreated, vToken, NULL);
 END//
 
 # -------------------------------------------------------------------------------------------
diff --git a/db/stored/functions.sql b/db/stored/functions.sql
index 76f508ce0fa40e9c4956788a30e3da4db48b74ec..2bd240f3bad2711d99643a236ae8c643aae0b73a 100644
--- a/db/stored/functions.sql
+++ b/db/stored/functions.sql
@@ -2338,6 +2338,7 @@ BEGIN
     RETURN ROW_COUNT()-1;
 END//
 
+-- returns NULL if failed, token otherwise
 DROP FUNCTION IF EXISTS CreateAuthToken//
 CREATE FUNCTION CreateAuthToken(
     pAccountID int(11),
@@ -2345,21 +2346,21 @@ CREATE FUNCTION CreateAuthToken(
 ) RETURNS char(40) charset ascii
 NO SQL
 BEGIN
-    DECLARE vCounter int(11) DEFAULT 666;
+    DECLARE vTries int(11) DEFAULT 13; -- number of tries to generate unique token
     DECLARE vCreated boolean DEFAULT FALSE;
     DECLARE vSeed int(11) DEFAULT FLOOR(4294967296 * RAND(CURRENT_TIMESTAMP ^ LAST_INSERT_ID() ^ (pAccountID << 10)));
     DECLARE vToken char(40) charset ascii DEFAULT SHA1(vSeed);
 
-    WHILE NOT vCreated AND vCounter > 0 DO BEGIN
+    WHILE NOT vCreated AND vTries > 0 DO BEGIN
         DECLARE CONTINUE HANDLER FOR SQLEXCEPTION SET vCreated = FALSE;
         SET vToken = SHA1(RAND());
-        INSERT INTO auth_tokens(Token, AccountID, Mask) VALUES (vToken, pAccountID, pRightMask);
-
+        SET vTries = vTries - 1;
         SET vCreated = TRUE;
-        SET vCounter = vCounter - 1;
+        
+        INSERT INTO auth_tokens(Token, AccountID, Mask) VALUES (vToken, pAccountID, pRightMask);
     END; END WHILE;
 
-    RETURN IF(vCreated, vToken, '');
+    RETURN IF(vCreated, vToken, NULL);
 END//
 
 DELIMITER ;