diff --git a/instance/database.db b/instance/database.db
new file mode 100644
index 00000000..b375a406
Binary files /dev/null and b/instance/database.db differ
diff --git a/website/auth.py b/website/auth.py
index 8c65752e..570c5cd8 100644
--- a/website/auth.py
+++ b/website/auth.py
@@ -56,7 +56,7 @@ def sign_up():
             flash('Password must be at least 7 characters.', category='error')
         else:
             new_user = User(email=email, first_name=first_name, password=generate_password_hash(
-                password1, method='sha256'))
+                password1, method='pbkdf2:sha256'))
             db.session.add(new_user)
             db.session.commit()
             login_user(new_user, remember=True)
diff --git a/website/static/index.js b/website/static/index.js
index 136d2123..c30bba2c 100644
--- a/website/static/index.js
+++ b/website/static/index.js
@@ -1,3 +1,20 @@
+document.addEventListener("DOMContentLoaded", function () {
+  const clearBtn = document.getElementById("clear-search");
+  if (clearBtn) {
+    clearBtn.addEventListener("click", function () {
+      const form = document.querySelector(".search-form");
+      if (form) {
+        const input = form.querySelector('input[name="q"]');
+        if (input) input.value = "";
+        form.submit(); // submit without q -> backend will show all notes
+      } else {
+        // fallback: reload base path without query string
+        window.location = window.location.pathname;
+      }
+    });
+  }
+});
+
 function deleteNote(noteId) {
   fetch("/delete-note", {
     method: "POST",
diff --git a/website/templates/home.html b/website/templates/home.html
index 0fc5c1d9..76759a50 100644
--- a/website/templates/home.html
+++ b/website/templates/home.html
@@ -1,8 +1,34 @@
 {% extends "base.html" %} {% block title %}Home{% endblock %} {% block content
 %}
-<h1 align="center">Notes</h1>
-<ul class="list-group list-group-flush" id="notes">
-  {% for note in user.notes %}
+<h1 class="text-center">Notes</h1>
+<div class="search-container">
+  <form action="{{ url_for('views.home') }}" method="get" class="search-form">
+    <input
+      type="text"
+      name="q"
+      placeholder="Search notes..."
+      value="{{ query or '' }}"
+    />
+    <button type="submit">Search</button>
+    <a href="{{ url_for('views.clear_search') }}">
+      <button
+        type="button"
+        id="clear-search"
+        title="Clear search and show all notes"
+      >
+        Show all notes
+      </button>
+    </a>
+    {% if query %}<span class="search-info"
+      >Showing results for "{{ query }}"</span
+    >{% endif %}
+  </form>
+</div>
+<br />
+
+{% if notes %}
+<ul class="list-group">
+  {% for note in notes %}
   <li class="list-group-item">
     {{ note.data }}
     <button type="button" class="close" onClick="deleteNote({{ note.id }})">
@@ -11,6 +37,11 @@ <h1 align="center">Notes</h1>
   </li>
   {% endfor %}
 </ul>
+{% else %}
+<p>No notes found.</p>
+{% endif %}
+
+<br />
 <form method="POST">
   <textarea name="note" id="note" class="form-control"></textarea>
   <br />
diff --git a/website/views.py b/website/views.py
index d17a938e..b9831bfb 100644
--- a/website/views.py
+++ b/website/views.py
@@ -1,9 +1,10 @@
-from flask import Blueprint, render_template, request, flash, jsonify
+from flask import Blueprint, render_template, request, flash, redirect, url_for
+from .models import Note, User
 from flask_login import login_required, current_user
-from .models import Note
 from . import db
 import json
 
+
 views = Blueprint('views', __name__)
 
 
@@ -20,8 +21,19 @@ def home():
             db.session.add(new_note) #adding the note to the database 
             db.session.commit()
             flash('Note added!', category='success')
+            return redirect(url_for('views.home'))
+
+    # Search behavior: show all notes when q is empty, otherwise show filtered results
+    q = request.args.get('q', '').strip()
+    if q:
+        notes = Note.query.filter(
+            Note.user_id == current_user.id,
+            Note.data.ilike(f'%{q}%')
+        ).order_by(Note.id.desc()).all()
+    else:
+        notes = Note.query.filter_by(user_id=current_user.id).order_by(Note.id.desc()).all()
 
-    return render_template("home.html", user=current_user)
+    return render_template("home.html", user=current_user, notes=notes, query=q)
 
 
 @views.route('/delete-note', methods=['POST'])
@@ -35,3 +47,25 @@ def delete_note():
             db.session.commit()
 
     return jsonify({})
+
+@views.route('/search')
+@login_required
+def search():
+    q = request.args.get('q', '').strip()
+    if not q:
+        flash('Please enter a keyword to search.', category='info')
+        return redirect(url_for('views.home'))
+
+    # case-insensitive partial match for the current user's notes
+    results = Note.query.filter(
+        Note.user_id == current_user.id,
+        Note.data.ilike(f'%{q}%')
+    ).order_by(Note.id.desc()).all()
+
+    return render_template("home.html", user=current_user, notes=results, query=q)
+
+@views.route('/clear-search')
+@login_required
+def clear_search():
+    # Redirect to home with no query parameter, showing all notes
+    return redirect(url_for('views.home'))