diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js
index d5a0965d7b..581f7d931c 100644
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -262,6 +262,8 @@ authenticationController.login = async (req, res, next) => {
 const username = await user.getUsernameByEmail(req.body.username);
 if (username !== '[[global:guest]]') {
 req.body.username = username;
+ } else {
+ return errorHandler(req, res, '[[error:invalid-email]]', 400);
 }
 }
 if (isEmailLogin || isUsernameLogin) {
diff --git a/test/authentication.js b/test/authentication.js
index 193d617435..4f72a9a705 100644
--- a/test/authentication.js
+++ b/test/authentication.js
@@ -5,8 +5,8 @@ const assert = require('assert');
 const url = require('url');
 const nconf = require('nconf');
-const request = require('../src/request');
 const db = require('./mocks/databasemock');
+const request = require('../src/request');
 const user = require('../src/user');
 const utils = require('../src/utils');
 const meta = require('../src/meta');
@@ -52,8 +52,8 @@ describe('authentication', () => {
 meta.config.allowLoginWith = 'username-email';
 const uid = await user.create({ username: '2nduser', password: '2ndpassword', email: '2nduser@nodebb.org' });
 const { response, body } = await helpers.loginUser('2nduser@nodebb.org', '2ndpassword');
- assert.strictEqual(response.statusCode, 403);
- assert.strictEqual(body, '[[error:invalid-login-credentials]]');
+ assert.strictEqual(response.statusCode, 400);
+ assert.strictEqual(body, '[[error:invalid-email]]');
 meta.config.allowLoginWith = oldValue;
 });
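Review bot: The new `else` branch in the `src/controllers/authentication.js` hunk answers an e-mail that resolves to no username with `[[error:invalid-email]]` and 400, while the updated test in `test/authentication.js` shows the same request previously received the generic `[[error:invalid-login-credentials]]` with 403. The login endpoint therefore now gives an unauthenticated caller a response that differs by whether the address maps to an account, before any password is checked. If the early exit is only meant to skip the later lookup, keeping the response uniform with `return errorHandler(req, res, '[[error:invalid-login-credentials]]', 403);` avoids that discrepancy; if the distinct message is a deliberate usability choice, a comment saying so, and noting the throttling expected to bound repeated probing, would help the next reviewer. The body of `authenticationController.login` continues outside the hunk, so it is worth confirming that this return does not bypass any failed-login accounting or plugin hooks that run further down.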