diff --git a/data/web/sogo-auth.php b/data/web/sogo-auth.php
index 640a8e00c..dbc54d7c2 100644
--- a/data/web/sogo-auth.php
+++ b/data/web/sogo-auth.php
@@ -47,13 +47,10 @@ elseif (isset($_GET['login'])) {
 (($_SESSION['acl']['login_as'] == "1" && $ALLOW_ADMIN_EMAIL_LOGIN !== 0) || ($is_dual === false && $login == $_SESSION['mailcow_cc_username']))) {
 if (filter_var($login, FILTER_VALIDATE_EMAIL)) {
 if (user_get_alias_details($login) !== false) {
- // load master password
- $sogo_sso_pass = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
- // register username and password in session
+ // register username in session
 $_SESSION[$session_var_user_allowed][] = $login;
- $_SESSION[$session_var_pass] = $sogo_sso_pass;
 // set dual login
- if ($_SESSION['acl']['login_as'] == "1" && $ALLOW_ADMIN_EMAIL_LOGIN !== 0 && $is_dual === false && $_SESSION['mailcow_cc_role'] != "user"){
+ if ($_SESSION['acl']['login_as'] == "1" && $ALLOW_ADMIN_EMAIL_LOGIN !== 0 && $is_dual === false && $_SESSION['mailcow_cc_role'] != "user"){
 $_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
 $_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
 $_SESSION['mailcow_cc_username'] = $login;
@@ -95,7 +92,7 @@ elseif (isset($_SERVER['HTTP_X_ORIGINAL_URI']) && strcasecmp(substr($_SERVER['HT
 in_array($email, $_SESSION[$session_var_user_allowed])
 ) {
 $username = $email;
- $password = $_SESSION[$session_var_pass];
+ $password = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
 header("X-User: $username");
 header("X-Auth: Basic ".base64_encode("$username:$password"));
 header("X-Auth-Type: Basic");
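Review bot: Sessions created before this change can still hold the SOGo master password under `$_SESSION[$session_var_pass]`, and nothing in the first hunk (the `isset($_GET['login'])` branch) clears it. The new code stops writing the value, but a copy already in the session store would stay there until the session expires. If `$session_var_pass` is still defined above the hunk, adding `unset($_SESSION[$session_var_pass]);` next to `$_SESSION[$session_var_user_allowed][] = $login;` would scrub it on the next login. The enclosing branch starts and ends outside the hunk, so an existing cleanup elsewhere in the file cannot be ruled out.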
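Review bot: In the second hunk the result of `file_get_contents("/etc/sogo-sso/sogo-sso.pass")` is used unchecked. On a read failure it is `false`, which interpolates to an empty string, so `X-Auth` would be sent as `base64("$username:")` with an empty password. The file is now read on every request that reaches this branch rather than once at login, so a missing or unreadable file should fail closed before the `header()` calls, e.g. `if ($password === false || $password === '') { http_response_code(500); exit; }`, or whatever denial path the file already uses. The surrounding `elseif` starts and ends outside the hunk.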