diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 793498e..a8caaa4 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -13,6 +13,7 @@
         "cors": "^2.8.6",
         "dotenv": "^16.6.1",
         "express": "^4.22.1",
+        "express-basic-auth": "^1.2.1",
         "html2canvas": "^1.4.1",
         "multer": "^1.4.5-lts.1"
       }
@@ -77,6 +78,24 @@
         "node": ">= 0.6.0"
       }
     },
+    "node_modules/basic-auth": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/basic-auth/-/basic-auth-2.0.1.tgz",
+      "integrity": "sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==",
+      "license": "MIT",
+      "dependencies": {
+        "safe-buffer": "5.1.2"
+      },
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/basic-auth/node_modules/safe-buffer": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+      "license": "MIT"
+    },
     "node_modules/body-parser": {
       "version": "1.20.4",
       "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.4.tgz",
@@ -441,6 +460,15 @@
         "url": "https://opencollective.com/express"
       }
     },
+    "node_modules/express-basic-auth": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/express-basic-auth/-/express-basic-auth-1.2.1.tgz",
+      "integrity": "sha512-L6YQ1wQ/mNjVLAmK3AG1RK6VkokA1BIY6wmiH304Xtt/cLTps40EusZsU1Uop+v9lTDPxdtzbFmdXfFO3KEnwA==",
+      "license": "MIT",
+      "dependencies": {
+        "basic-auth": "^2.0.1"
+      }
+    },
     "node_modules/express/node_modules/debug": {
       "version": "2.6.9",
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
diff --git a/frontend/package.json b/frontend/package.json
index 4bb6b41..3225ea5 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -13,6 +13,7 @@
     "cors": "^2.8.6",
     "dotenv": "^16.6.1",
     "express": "^4.22.1",
+    "express-basic-auth": "^1.2.1",
     "html2canvas": "^1.4.1",
     "multer": "^1.4.5-lts.1"
   }
diff --git a/frontend/server.js b/frontend/server.js
index 602dc3a..c1dfecf 100644
--- a/frontend/server.js
+++ b/frontend/server.js
@@ -5,6 +5,7 @@ const axios = require('axios');
 const path = require('path');
 require('dotenv').config({ path: '../.env' }); 
 const { GoogleGenerativeAI } = require('@google/generative-ai');
+const basicAuth = require('express-basic-auth');
 
 const app = express();
 const port = 3000; // Unificando na porta 3000 (Frontend + API)
@@ -14,6 +15,20 @@ const port = 3000; // Unificando na porta 3000 (Frontend + API)
 app.use(cors());
 app.use(express.json({ limit: '50mb' }));
 
+// Basic Authentication setup for the dashboard
+const dashboardUser = process.env.DASHBOARD_USER || 'admin';
+const dashboardPassword = process.env.DASHBOARD_PASSWORD || 'admin';
+
+const authMiddleware = basicAuth({
+    users: { [dashboardUser]: dashboardPassword },
+    challenge: true,
+    realm: 'NeuroEngine'
+});
+
+// Protect all /api and /api-content endpoints
+app.use('/api', authMiddleware);
+app.use('/api-content', authMiddleware);
+
 // 1. SERVIR ARQUIVOS ESTÁTICOS (Frontend)
 app.use(express.static(path.join(__dirname, 'public')));