diff --git a/docs/docs/CHANGELOG.md b/docs/docs/CHANGELOG.md
index 905f787..2ccf61a 100644
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@@ -27,6 +27,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Rename cookies in response to user feedback
 - Ensure cookie renaming is consistent across configuration options
 - Add Bookstack app in data
+- Truncate everything but the first five characters of Accept-Language headers when making challenges
 - Ensure client JavaScript is served with Content-Type text/javascript.
 - Add `--target-host` flag/envvar to allow changing the value of the Host header in requests forwarded to the target service.
 - Bump AI-robots.txt to version 1.31
diff --git a/lib/anubis.go b/lib/anubis.go
index e817eed..6c8fa9c 100644
--- a/lib/anubis.go
+++ b/lib/anubis.go
@@ -76,11 +76,16 @@ type Server struct {
 }
 func (s *Server) challengeFor(r *http.Request, difficulty int) string {
- fp := sha256.Sum256(s.priv.Seed())
+ fp := sha256.Sum256(s.pub[:])
+
+ acceptLanguage := r.Header.Get("Accept-Language")
+ if len(acceptLanguage) > 5 {
+ acceptLanguage = acceptLanguage[:5]
+ }
 challengeData := fmt.Sprintf(
 "Accept-Language=%s,X-Real-IP=%s,User-Agent=%s,WeekTime=%s,Fingerprint=%x,Difficulty=%d",
- r.Header.Get("Accept-Language"),
+ acceptLanguage,
 r.Header.Get("X-Real-Ip"),
 r.UserAgent(),
 time.Now().UTC().Round(24*7*time.Hour).Format(time.RFC3339),
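Review bot: The new `if len(acceptLanguage) > 5` guard in challengeFor hard-codes a byte count with no comment saying what those five bytes are meant to keep, and challengeFor itself has no doc comment describing which request attributes the challenge string is built from. I would lift the constant and state the intent next to it: `const acceptLanguagePrefixLen = 5 // keep only the leading tag (e.g. "en-US"); presumably the q-values and fallback tags after it vary between a client's requests — confirm`. Note that `len` counts bytes, so a non-ASCII header value can be cut mid-rune; that is harmless because the prefix only feeds the `%s` in the challenge string, but the comment should say so. The body of challengeFor continues past the end of the hunk.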