diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index c0c0b1a064b5a..f945d405a0628 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -284,6 +284,7 @@ public function tryLogin($user, $password, $redirect_url, $remember_login = true
 		if(!is_string($user)) {
 			throw new \InvalidArgumentException('Username must be string');
 		}
+		$user = trim($user);
 
 		// If the user is already logged in and the CSRF check does not pass then
 		// simply redirect the user to the correct page as required. This is the