diff --git a/lib/private/user.php b/lib/private/user.php
index 2358f4a14e43290dedd88ad64f3361b9130d74c4..b2a235425c4e5cf71881813bbc0806dd229f276a 100644
--- a/lib/private/user.php
+++ b/lib/private/user.php
@@ -228,6 +228,9 @@ class OC_User {
 	 * Log in a user and regenerate a new session - if the password is ok
 	 */
 	public static function login($loginname, $password) {
+		$loginname = str_replace("\0", '', $loginname);
+		$password = str_replace("\0", '', $password);
+
 		session_regenerate_id(true);
 		$result = self::getUserSession()->login($loginname, $password);
 		if ($result) {