diff --git a/library/Icinga/Authentication/Auth.php b/library/Icinga/Authentication/Auth.php
index 0cddf1441..8ff11b091 100644
--- a/library/Icinga/Authentication/Auth.php
+++ b/library/Icinga/Authentication/Auth.php
@@ -292,7 +292,7 @@ class Auth
         }
         $authorization = substr($header, strlen('Basic '));
         $credentials = base64_decode($authorization);
-        $credentials = array_filter(explode(':', $credentials));
+        $credentials = array_filter(explode(':', $credentials, 2));
         if (count($credentials) !== 2) {
             // Deny empty username and/or password
             $this->challengeHttp();