diff --git a/lib/private/user.php b/lib/private/user.php
index 08ead712028e894dc6211797b5eeb68480da47d1..a89b7286c1009e48525cf039ccd4ac41228a9fe4 100644
--- a/lib/private/user.php
+++ b/lib/private/user.php
@@ -227,6 +227,7 @@ class OC_User {
 	 * Log in a user and regenerate a new session - if the password is ok
 	 */
 	public static function login($uid, $password) {
+		session_regenerate_id(true);
 		return self::getUserSession()->login($uid, $password);
 	}
 
diff --git a/lib/private/user/session.php b/lib/private/user/session.php
index cd03b30205fb3eb7c0bab2829e383aeba0fbade7..1740bad5abec22b1fdfa0aaf078e1c7dbb4b7fb8 100644
--- a/lib/private/user/session.php
+++ b/lib/private/user/session.php
@@ -157,7 +157,6 @@ class Session implements Emitter, \OCP\IUserSession {
 		if($user !== false) {
 			if (!is_null($user)) {
 				if ($user->isEnabled()) {
-					session_regenerate_id(true);
 					$this->setUser($user);
 					$this->setLoginName($uid);
 					$this->manager->emit('\OC\User', 'postLogin', array($user, $password));