diff --git a/security/MemberAuthenticator.php b/security/MemberAuthenticator.php
index 01586ce65..bfa6a6f49 100644
--- a/security/MemberAuthenticator.php
+++ b/security/MemberAuthenticator.php
@@ -47,11 +47,11 @@ class MemberAuthenticator extends Authenticator {
 }
 // Check default login (see Security::setDefaultAdmin())
- $asDefaultAdmin = $email === Security::default_admin_username();
+ $asDefaultAdmin = Security::has_default_admin() && $email === Security::default_admin_username();
 if($asDefaultAdmin) {
 // If logging is as default admin, ensure record is setup correctly
 $member = Member::default_admin();
- $success = !$member->isLockedOut() && Security::check_default_admin($email, $data['Password']);
+ $success = Security::check_default_admin($email, $data['Password']) && $member && !$member->isLockedOut();
 //protect against failed login
 if($success) {
 return $member;
diff --git a/security/Security.php b/security/Security.php
index 6e960ccbf..19d481204 100644
--- a/security/Security.php
+++ b/security/Security.php
@@ -873,9 +873,9 @@ class Security extends Controller implements TemplateGlobalProvider {
 */
 public static function check_default_admin($username, $password) {
 return (
- self::$default_username === $username
+ self::has_default_admin()
+ && self::$default_username === $username
 && self::$default_password === $password
- && self::has_default_admin()
 );
 }
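Review bot: In security/MemberAuthenticator.php the new `$success` line chains three conditions whose order matters, and nothing says why. The `$member` guard has to run before `!$member->isLockedOut()`, and it quietly turns a missing default-admin record into an ordinary failed login even when the credentials matched. I would put a comment above the line, for example `// default_admin() can return null; guard before isLockedOut() and treat a missing record as a failed login`. The same applies to the `has_default_admin()` guard on `$asDefaultAdmin`, which presumably exists so that an unset username cannot match an empty `$email`. The enclosing method starts and ends outside the hunk, so what happens to `$member` after a failed default-admin attempt is not visible here.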
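Review bot: In security/Security.php, `check_default_admin()` still compares the submitted password with `===`, which is not a constant-time comparison and accepts any type for `$password`. Moving `has_default_admin()` to the front closes the unset-credentials case, provided it guarantees that both username and password are non-empty; its body is not in this diff. If the project's minimum PHP version allows it, the password line could become `&& is_string($password) && hash_equals((string) self::$default_password, $password)`. Separately, the docblock that ends just above the hunk should state that the method returns false whenever no default admin is configured.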