diff --git a/ChangeLog b/ChangeLog
index 6c5dd2172..b3d0547ee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 2009-04-27  Badlop  <badlop@process-one.net>
 
+	* src/cyrsasl_digest.erl: Fix auth verification (EJAB-863)
+
 	* src/jlib.erl: Fix recursive call to speedup base64
 	decoding (thanks to Jeffrey Rogiers)(EJAB-333)
 
diff --git a/src/cyrsasl_digest.erl b/src/cyrsasl_digest.erl
index 49ea6a6d4..1cb2334ab 100644
--- a/src/cyrsasl_digest.erl
+++ b/src/cyrsasl_digest.erl
@@ -57,7 +57,7 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
 			{false, _} ->
 			    {error, "not-authorized", UserName};
 			{Passwd, AuthModule} ->
-				case (State#state.check_password)(UserName, Passwd,
+				case (State#state.check_password)(UserName, "",
 					xml:get_attr_s("response", KeyVals),
 					fun(PW) -> response(KeyVals, UserName, PW, Nonce, AuthzId,
 						"AUTHENTICATE") end) of
@@ -71,6 +71,8 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
 						 auth_module = AuthModule,
 						 username = UserName,
 						 authzid = AuthzId}};
+				false ->
+				    {error, "not-authorized", UserName};
 				{false, _} ->
 				    {error, "not-authorized", UserName}
 			    end