diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index fef6b629..f8a5a399 100644
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -160,7 +160,7 @@ if (isset($_GET["username"]) && !class_exists("Min_DB")) {
 stop_session(true);
-if (isset($_GET["username"])) {
+if (isset($_GET["username"]) && is_string(get_password())) {
 list($host, $port) = explode(":", SERVER, 2);
 if (is_numeric($port) && $port < 1024) {
 auth_error(lang('Connecting to privileged ports is not allowed.'));
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 02fa0e52..d208e0b2 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -351,7 +351,7 @@ function set_password($vendor, $server, $username, $password) {
 }
 /** Get password from session
-* @return string
+* @return string or null for missing password or false for expired password
 */
 function get_password() {
 $return = get_session("pwds");
diff --git a/changes.txt b/changes.txt
index 81034969..ff511b6d 100644
--- a/changes.txt
+++ b/changes.txt
@@ -1,4 +1,5 @@
 Adminer 4.7.2-dev:
+Do not attempt logging in without password (bug #676)
 MySQL: Fix creating users and changing password in MySQL 8 (bug #663)
 Adminer 4.7.1 (released 2019-01-24):
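Review bot: The new guard `is_string(get_password())` in auth.inc.php depends on a three-state return (string, null for missing, false for expired) that is documented only in functions.inc.php, so a comment above the condition would keep a later edit from loosening it to a truthiness test, e.g. `// null = no password in session, false = expired; only a string (including '') continues to login`. An empty string still passes the guard, which looks intentional for accounts with a blank password but is worth stating. When the guard fails, the privileged-port check inside this block is skipped too, so the code after the closing brace, which lies outside the hunk, has to reject the request on its own; please confirm that it fails closed.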
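Review bot: The updated `@return` line in functions.inc.php describes the three return values in prose only, so the type is no longer readable by tooling; `* @return string|null|false null for a missing password, false for an expired one` keeps both the type and the explanation. Because `''`, null and false are all falsy, callers need `is_string()` or a strict comparison rather than a truthiness test, and the docblock is the natural place to say so. The body of get_password() continues outside the hunk.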