diff --git a/src/middleware/basicAuth.js b/src/middleware/basicAuth.js
index 83f952398..672a4d43e 100644
--- a/src/middleware/basicAuth.js
+++ b/src/middleware/basicAuth.js
@@ -32,9 +32,10 @@ const basicAuthMiddleware = async function (request, response, callback) {
     }
 
     const usePerUserAuth = PER_USER_BASIC_AUTH && ENABLE_ACCOUNTS;
-    const [username, password] = Buffer.from(credentials, 'base64')
+    const [username, ...passwordParts] = Buffer.from(credentials, 'base64')
         .toString('utf8')
         .split(':');
+    const password = passwordParts.join(':');
 
     if (!usePerUserAuth && username === basicAuthUserName && password === basicAuthUserPassword) {
         return callback();
diff --git a/src/users.js b/src/users.js
index 5b5ef55cc..8693c767a 100644
--- a/src/users.js
+++ b/src/users.js
@@ -822,9 +822,10 @@ async function basicUserLogin(request) {
         return false;
     }
 
-    const [username, password] = Buffer.from(credentials, 'base64')
+    const [username, ...passwordParts] = Buffer.from(credentials, 'base64')
         .toString('utf8')
         .split(':');
+    const password = passwordParts.join(':');
 
     const userHandles = await getAllUserHandles();
     for (const userHandle of userHandles) {