diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index c0c0b1a064b..f945d405a06 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -284,6 +284,7 @@ class LoginController extends Controller {
 		if(!is_string($user)) {
 			throw new \InvalidArgumentException('Username must be string');
 		}
+		$user = trim($user);
 
 		// If the user is already logged in and the CSRF check does not pass then
 		// simply redirect the user to the correct page as required. This is the