diff --git a/src/web/ejabberd_web_admin.erl b/src/web/ejabberd_web_admin.erl
index e79b4a2e6..10488d0fc 100644
--- a/src/web/ejabberd_web_admin.erl
+++ b/src/web/ejabberd_web_admin.erl
@@ -243,7 +243,7 @@ get_auth_admin(Auth, HostHTTP, RPath, Method) ->
     end.
 
 get_auth_account(HostOfRule, AccessRule, User, Server, Pass) ->
-    case ejabberd_auth:check_password(User, Server, Pass) of
+    case catch ejabberd_auth:check_password(User, Server, Pass) of
 	true ->
 	    case is_acl_match(HostOfRule, AccessRule,
 				exmpp_jid:make(User, Server)) of
@@ -258,7 +258,9 @@ get_auth_account(HostOfRule, AccessRule, User, Server, Pass) ->
 		    {unauthorized, "bad-password"};
 		false ->
 		    {unauthorized, "inexistent-account"}
-	    end
+	    end;
+	_ ->
+            {unauthorized, "badformed-jid"}
     end.
 
 %%%==================================