diff --git a/docker/bitcoin-ui/nginx.conf b/docker/bitcoin-ui/nginx.conf
index 3c9f1a69..5f543252 100644
--- a/docker/bitcoin-ui/nginx.conf
+++ b/docker/bitcoin-ui/nginx.conf
@@ -13,7 +13,7 @@ server {
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header Authorization "Basic YXJjaGlwZWxhZ286YXJjaGlwZWxhZ28xMjM=";
+        proxy_set_header Authorization "Basic __BITCOIN_RPC_AUTH__";
         add_header Access-Control-Allow-Origin *;
         add_header Access-Control-Allow-Methods "POST, GET, OPTIONS";
         add_header Access-Control-Allow-Headers "Content-Type, Authorization";
diff --git a/scripts/deploy-to-target.sh b/scripts/deploy-to-target.sh
index 739fb2ca..f86aa08f 100755
--- a/scripts/deploy-to-target.sh
+++ b/scripts/deploy-to-target.sh
@@ -800,6 +800,15 @@ MANIFEST_EOF
     # Rebuild and recreate Bitcoin UI container (host network, port 8334 in nginx.conf)
     # Host network required: bitcoin-ui proxies Bitcoin RPC at 127.0.0.1:8332
     progress "Rebuilding Bitcoin UI"
+    # Inject real RPC credentials into bitcoin-ui nginx config before building
+    ssh $SSH_OPTS "$TARGET_HOST" '
+      SECRETS_DIR="/var/lib/archipelago/secrets"
+      RPC_PASS=$(sudo cat "$SECRETS_DIR/bitcoin-rpc-password" 2>/dev/null)
+      if [ -n "$RPC_PASS" ]; then
+        AUTH_B64=$(echo -n "archipelago:${RPC_PASS}" | base64)
+        sed -i "s|__BITCOIN_RPC_AUTH__|${AUTH_B64}|g" '"$TARGET_DIR"'/docker/bitcoin-ui/nginx.conf
+      fi
+    ' 2>/dev/null || true
     if ssh $SSH_OPTS "$TARGET_HOST" "cd $TARGET_DIR/docker/bitcoin-ui && (command -v podman >/dev/null 2>&1 && podman build --no-cache -t bitcoin-ui:latest . || docker build --no-cache -t bitcoin-ui:latest .)" 2>&1 | tail -12 | sed 's/^/   /'; then
         echo "   Recreating Bitcoin UI container (port 8334, host network)..."
         ssh $SSH_OPTS "$TARGET_HOST" '