diff --git a/src/heckbot/cogs/picker.py b/src/heckbot/cogs/picker.py
index 1fedfd2..41299cf 100644
--- a/src/heckbot/cogs/picker.py
+++ b/src/heckbot/cogs/picker.py
@@ -98,8 +98,8 @@ def get_pick_link(user_name: str) -> str:
     token, iv = encrypt(user_name, expiry)
     return (
         PICK_SERVER_URL +
-        f'/form?token={quote(b64encode(token))}'
-        f'&iv={quote(b64encode(iv))}'
+        f'/form?token={quote(token.hex())}'
+        f'&iv={quote(iv.hex())}'
     )
 
 
diff --git a/src/heckbot/utils/auth.py b/src/heckbot/utils/auth.py
index 5350eeb..4baef3c 100644
--- a/src/heckbot/utils/auth.py
+++ b/src/heckbot/utils/auth.py
@@ -15,6 +15,10 @@
 
 def encrypt(username: str, expiry: str) -> tuple[bytes, bytes]:
     message = f'{username}:{expiry}'.encode()
+
+    # Ensure the message length is a multiple of the block size (16 bytes for AES)
+    while len(message) % 16 != 0:
+        message += b'\x00'
     iv = os.urandom(16)
     cipher = Cipher(
         algorithms.AES(