diff --git a/ChangeLog b/ChangeLog
index c0499a61d..68a071c6e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 2007-02-05  Wolfgang Sourdeau
+	* SoObjects/SOGo/SOGoAuthenticator.m ([SOGoAuthenticator
+	-checkLogin:_loginpassword:_pwd]): fixed a bug where a wrong
+	password would be accepted anyway as long as its length was > 0.
+	This can be the case ONLY when LDAP is disabled otherwise we have
+	a serious security issue...
+
 	* SoObjects/Appointments/SOGoAppointmentObject.m ([SOGoAppointmentObject
 	-roleOfUser:logininContext:context]): if a user is not an organizer
 	nor a participant, he is declared as
diff --git a/SoObjects/SOGo/SOGoAuthenticator.m b/SoObjects/SOGo/SOGoAuthenticator.m
index a44d55325..18c00d272 100644
--- a/SoObjects/SOGo/SOGoAuthenticator.m
+++ b/SoObjects/SOGo/SOGoAuthenticator.m
@@ -72,11 +72,16 @@ static SOGoAuthenticator *auth = nil;
 - (BOOL) checkLogin: (NSString *) _login
             password: (NSString *) _pwd
 {
+  BOOL accept;
+
+  if ([authMethod isEqualToString: @"LDAP"])
+    accept = [self LDAPCheckLogin: _login password: _pwd];
+  else
+    accept = ([_login length] > 0);
+
   return (([_login isEqualToString: @"freebusy"]
            && [_pwd isEqualToString: @"freebusy"])
-          || ([authMethod isEqualToString: @"LDAP"]
-              && [self LDAPCheckLogin: _login password: _pwd])
-          || [_login length] > 0);
+          || accept);
 }
 - (BOOL) LDAPCheckLogin: (NSString *) _login
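Review bot: The hard-coded `freebusy`/`freebusy` credential pair in the return expression is still evaluated before `accept`, so after this fix a fixed login/password remains valid in every deployment whatever `authMethod` is set to, which is the same class of problem the ChangeLog entry describes for the non-LDAP branch. The `else` branch also never reads `_pwd`, so outside LDAP any non-empty login is accepted with any password; the ChangeLog says this is intended, but nothing in the method says so. I would state both in a comment above the `if`, e.g. `/* Non-LDAP mode performs no password check: any non-empty login is accepted. The fixed "freebusy" pair below is accepted regardless of authMethod. */`, and would gate the freebusy shortcut behind a configuration check rather than a literal so deployments that do not need it can turn it off.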