diff --git a/kippo/commands/base.py b/kippo/commands/base.py
index ac899b4..6e6a07a 100644
--- a/kippo/commands/base.py
+++ b/kippo/commands/base.py
@@ -169,7 +169,7 @@ class command_passwd(HoneyPotCommand):
     def finish(self, line):
         self.honeypot.password_input = False
 
-        if line != self.passwd:
+        if line != self.passwd or self.passwd == '*':
             self.writeln('Sorry, passwords do not match')
             self.exit()
             return
diff --git a/kippo/core/userdb.py b/kippo/core/userdb.py
index 425a851..9b87dbd 100644
--- a/kippo/core/userdb.py
+++ b/kippo/core/userdb.py
@@ -59,7 +59,7 @@ class UserDB:
         '''note that it allows multiple passwords for a single username'''
 
         for (login, uid, passwd) in self.userdb:
-            if login == thelogin and (passwd == thepasswd or passwd == '*'):
+            if login == thelogin and passwd in (thepasswd, '*'):
                 return True
         return False