diff --git a/DESCRIPTION b/DESCRIPTION
index a458526..b46fcb0 100644
--- a/DESCRIPTION
+++ b/DESCRIPTION
@@ -34,7 +34,7 @@ Suggests:
     knitr,
     rmarkdown,
     covr
-RoxygenNote: 7.1.1
+RoxygenNote: 7.2.3
 URL: https://github.com/paulc91/shinyauthr
 BugReports: https://github.com/paulc91/shinyauthr/issues
 Config/testthat/edition: 3
diff --git a/R/login.R b/R/login.R
index 145e67c..766e6f8 100644
--- a/R/login.R
+++ b/R/login.R
@@ -68,7 +68,8 @@ loginUI <- function(id,
 #' \href{https://shiny.rstudio.com/articles/modules.html}{Modularizing Shiny app code}.
 #'
 #' @param id 	An ID string that corresponds with the ID used to call the module's UI function
-#' @param data data frame or tibble containing user names, passwords and other user data
+#' @param data data frame or tibble containing user names, passwords and other user data. Can be either
+#'  a static object or a shiny \link[shiny]{reactive} object
 #' @param user_col bare (unquoted) or quoted column name containing user names
 #' @param pwd_col bare (unquoted) or quoted column name containing passwords
 #' @param sodium_hashed have the passwords been hash encrypted using the sodium package? defaults to FALSE
@@ -121,8 +122,12 @@ loginServer <- function(id,
     }
   }
   
-  # ensure all text columns are character class
-  data <- dplyr::mutate_if(data, is.factor, as.character)
+  data_reactive <- shiny::reactive({
+    # if not already reactive, make data reactive
+    data_temp <- if (shiny::is.reactive(data)) data else shiny::reactive(data)
+    # ensure all text columns are character class
+    dplyr::mutate_if(data_temp(), is.factor, as.character)
+  })
   
   shiny::moduleServer(
     id,
@@ -191,7 +196,7 @@ loginServer <- function(id,
             
             credentials$user_auth <- TRUE
             credentials$info <- dplyr::bind_cols(
-              dplyr::filter(data, {{user_col}} == .userid),
+              dplyr::filter(data_reactive(), {{user_col}} == .userid),
               dplyr::select(cookie_data, -{{user_col}})
             )
           }
@@ -203,10 +208,10 @@ loginServer <- function(id,
       shiny::observeEvent(input$button, {
         
         # check for match of input username to username column in data
-        row_username <- which(dplyr::pull(data, {{user_col}}) == input$user_name)
+        row_username <- which(dplyr::pull(data_reactive(), {{user_col}}) == input$user_name)
         
         if (length(row_username)) {
-          row_password <- dplyr::filter(data, dplyr::row_number() == row_username)
+          row_password <- dplyr::filter(data_reactive(), dplyr::row_number() == row_username)
           row_password <- dplyr::pull(row_password, {{pwd_col}})
           if (sodium_hashed) {
             password_match <- sodium::password_verify(row_password, input$password)
@@ -221,7 +226,7 @@ loginServer <- function(id,
         if (length(row_username) == 1 && password_match) {
           
           credentials$user_auth <- TRUE
-          credentials$info <- dplyr::filter(data, {{user_col}} == input$user_name)
+          credentials$info <- dplyr::filter(data_reactive(), {{user_col}} == input$user_name)
           
           if (cookie_logins) {
             .sessionid <- randomString()
diff --git a/man/loginServer.Rd b/man/loginServer.Rd
index dd54211..34752d4 100644
--- a/man/loginServer.Rd
+++ b/man/loginServer.Rd
@@ -21,7 +21,8 @@ loginServer(
 \arguments{
 \item{id}{An ID string that corresponds with the ID used to call the module's UI function}
 
-\item{data}{data frame or tibble containing user names, passwords and other user data}
+\item{data}{data frame or tibble containing user names, passwords and other user data. Can be either
+a static object or a shiny \link[shiny]{reactive} object}
 
 \item{user_col}{bare (unquoted) or quoted column name containing user names}