diff --git a/app/models/user.rb b/app/models/user.rb
index 2dd698f2887b406aa259995a546a4177d80b48d3..ae81d46d219a4c21b92e2be86f688dab83255055 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -83,6 +83,8 @@ class User < ActiveRecord::Base
   
   # Returns the user that matches provided login and password, or nil
   def self.try_to_login(login, password)
+    # Make sure no one can sign in with an empty password
+    return nil if password.to_s.empty?
     user = find(:first, :conditions => ["login=?", login])
     if user
       # user is already in local database