diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php
index d34662f8..6ec41346 100644
--- a/inc/admin_functions.inc.php
+++ b/inc/admin_functions.inc.php
@@ -380,7 +380,7 @@ function hesk_activeSessionValidate($username, $password_hash, $tag)
 list($salt, $hash) = explode('|', $tag, 2);
 // Make sure the hash matches existing username and password
- if ($hash == sha1($salt . $username . $password_hash) )
+ if ($hash == sha1($salt . strtolower($username) . $password_hash) )
 {
 return true;
 }
@@ -392,7 +392,7 @@ function hesk_activeSessionValidate($username, $password_hash, $tag)
 function hesk_activeSessionCreateTag($username, $password_hash)
 {
 $salt = uniqid(mt_rand(), true);
- return $salt . '|' . sha1($salt . strtolower($username) . $password_hash);
+ return $salt . '|' . sha1($salt . strtolower($username) . $password_hash);
 }
 // END hesk_activeSessionCreateTag()
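Review bot: The changed comparison in hesk_activeSessionValidate() still uses loose `==` between the hash taken from `$tag` and the computed SHA-1, so two hex strings that both look numeric (for example the `0e…` form) can compare equal under PHP's type juggling, and the check is not constant-time. If the supported PHP versions allow it, I would write `if (hash_equals(sha1($salt . strtolower($username) . $password_hash), (string) $hash))`. Separately, `strtolower()` only folds ASCII (or is locale-dependent on older PHP), so non-ASCII usernames may not be normalised; a one-line comment saying which normalisation the login path applies would help. The start of the function is outside the hunk, so I cannot see whether `$tag` is checked for a `|` before the `explode()`.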
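Review bot: The tag returned by hesk_activeSessionCreateTag() is an unkeyed SHA-1 over the salt, the username and the stored password hash, and the salt is shipped in the tag, so anyone who obtains the stored password hash (for instance from a database leak) can compute a tag that validates without knowing the password. A keyed MAC with a server-side secret closes that gap, e.g. `return $salt . '|' . hash_hmac('sha256', $salt . strtolower($username) . $password_hash, $server_secret);` where `$server_secret` is a placeholder for a value the page does not show. hesk_activeSessionValidate() would need the same change in step. The salt would also be better taken from a CSPRNG, `$salt = bin2hex(random_bytes(16));`, than from `uniqid(mt_rand(), true)`. Since tags issued before this commit for mixed-case usernames stop validating, a comment noting the forced re-login would be useful.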