diff --git a/debug_audio/audio_google_interpreter_recording.webm b/debug_audio/audio_google_interpreter_recording.webm
new file mode 100644
index 00000000..8c14a33f
Binary files /dev/null and b/debug_audio/audio_google_interpreter_recording.webm differ
diff --git a/modules/routes/routeSecurityGoogle.py b/modules/routes/routeSecurityGoogle.py
index a2135a33..b8ceb30d 100644
--- a/modules/routes/routeSecurityGoogle.py
+++ b/modules/routes/routeSecurityGoogle.py
@@ -312,14 +312,27 @@ async def auth_callback(code: str, state: str, request: Request) -> HTMLResponse
 externalEmail=user_info.get("email")
 )
- # Create token
+ # Create JWT token data (like Microsoft does)
+ from modules.security.auth import createAccessToken
+ jwt_token_data = {
+ "sub": user.username,
+ "mandateId": str(user.mandateId),
+ "userId": str(user.id),
+ "authenticationAuthority": AuthAuthority.GOOGLE
+ }
+
+ # Create JWT access token
+ jwt_token, jwt_expires_at = createAccessToken(jwt_token_data)
+
+ # Create JWT token
+ from modules.interfaces.interfaceAppModel import Token
 token = Token(
 userId=user.id, # Use local user's ID
 authority=AuthAuthority.GOOGLE,
- tokenAccess=token_response["access_token"],
+ tokenAccess=jwt_token, # Use JWT token instead of Google access token
 tokenRefresh=token_response.get("refresh_token", ""),
- tokenType=token_response.get("token_type", "bearer"),
- expiresAt=create_expiration_timestamp(token_response.get("expires_in", 0)),
+ tokenType="bearer",
+ expiresAt=jwt_expires_at.timestamp(),
 createdAt=get_utc_timestamp()
 )
diff --git a/modules/routes/routeSecurityLocal.py b/modules/routes/routeSecurityLocal.py
index 03bdb566..4f86d36e 100644
--- a/modules/routes/routeSecurityLocal.py
+++ b/modules/routes/routeSecurityLocal.py
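Review bot: A debug audio capture (`debug_audio/audio_google_interpreter_recording.webm`) is being added to source control; if it contains recorded speech it is potentially personal data, and once committed it stays in history even after a later delete. Remove it from the commit and add `debug_audio/` to `.gitignore`; if it has already been pushed, either rewrite history or at least confirm the recording holds nothing sensitive.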
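Review bot: After this hunk `tokenRefresh` still carries Google's refresh token while `tokenAccess` now carries an app-issued JWT, so the Token record mixes two issuers and any refresh path that feeds `tokenRefresh` back to Google to renew `tokenAccess` would replace the JWT with a Google access token again. Either drop the Google refresh token here or label the field, e.g. `tokenRefresh=token_response.get("refresh_token", ""),  # Google refresh token: cannot renew the app JWT in tokenAccess`. Separately, `expiresAt=jwt_expires_at.timestamp()` assumes `createAccessToken` returns a timezone-aware datetime; if it returns a naive one, `.timestamp()` treats it as local time and the expiry disagrees with `get_utc_timestamp()`, so either assert `jwt_expires_at.tzinfo is not None` or convert with `.replace(tzinfo=timezone.utc)` if it is known to be naive UTC. The two function-scope imports (`createAccessToken`, `Token`) belong in the module's import block unless they break an import cycle, in which case a comment should say so. auth_callback starts before the hunk and the rest of its body (persisting the token, building the response) lies outside it.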
@@ -159,6 +159,8 @@ async def register_user(
 appInterface.mandateId = defaultMandateId
 # Create user with local authentication
+ # Set safe default privilege level for new registrations
+ from modules.interfaces.interfaceAppModel import UserPrivilege
 user = appInterface.createUser(
 username=userData.username,
 password=password,
@@ -166,7 +168,7 @@ async def register_user(
 fullName=userData.fullName,
 language=userData.language,
 enabled=userData.enabled,
- privilege=userData.privilege,
+ privilege=UserPrivilege.USER, # Always set to USER for new registrations
 authenticationAuthority=AuthAuthority.LOCAL
 )
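Review bot: Forcing `privilege=UserPrivilege.USER` closes the self-escalation path, but the `privilege` value the client sends (the removed line shows `userData.privilege` exists on the request model) is now silently discarded, so a registration carrying an elevated privilege still returns success with no signal that the value was ignored; consider rejecting any value other than USER with a 4xx, or removing the field from the registration model so it cannot be supplied at all. `enabled=userData.enabled` on the line above is likewise still taken from the request, and whether a self-registered account may pick its own enabled state deserves the same decision. The `UserPrivilege` import added in the first hunk belongs in the module's import block unless it breaks an import cycle, which a comment should then state. register_user starts before the first hunk and ends after the second.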