diff --git a/modules/installed/lib/auth.py b/modules/installed/lib/auth.py
index 74f387595..fb2ad2ac9 100644
--- a/modules/installed/lib/auth.py
+++ b/modules/installed/lib/auth.py
@@ -27,7 +27,10 @@ def check_credentials(username, passphrase):
         cfg.log(error)
         return error
 
-    u = cfg.users[username]
+    if username in cfg.users:
+        u = cfg.users[username]
+    else:
+        u = None
     # hash the password whether the user exists, to foil timing
     # side-channel attacks
     pass_hash = hashlib.md5(passphrase).hexdigest()