diff --git a/pkg/gordio/auth/jwt.go b/pkg/gordio/auth/jwt.go
index 1297ba7..d7d6cee 100644
--- a/pkg/gordio/auth/jwt.go
+++ b/pkg/gordio/auth/jwt.go
@@ -63,6 +63,9 @@ func (a *Auth) AuthMiddleware() func(http.Handler) http.Handler {
 }
 
 func (a *Auth) initJWT() {
+	if string(a.cfg.JWTSecret) == "super secret string" {
+		log.Fatal().Msg("JWT secret is the default!")
+	}
 	a.jwt = jwtauth.New("HS256", []byte(a.cfg.JWTSecret), nil)
 }