diff --git a/internal/bridge/user.go b/internal/bridge/user.go
index 0df30f9e..368f4c43 100644
--- a/internal/bridge/user.go
+++ b/internal/bridge/user.go
@@ -129,7 +129,7 @@ func (bridge *Bridge) LoginAuth(ctx context.Context, username string, password [
 		return nil, proton.Auth{}, fmt.Errorf("failed to create new API client: %w", err)
 	}
 
-	if ok := safe.RLockRet(func() bool { return mapHas(bridge.users, auth.UID) }, bridge.usersLock); ok {
+	if ok := safe.RLockRet(func() bool { return mapHas(bridge.users, auth.UserID) }, bridge.usersLock); ok {
 		logrus.WithField("userID", auth.UserID).Warn("User already logged in")
 
 		if err := client.AuthDelete(ctx); err != nil {
diff --git a/internal/bridge/user_test.go b/internal/bridge/user_test.go
index 444e55ae..97795a50 100644
--- a/internal/bridge/user_test.go
+++ b/internal/bridge/user_test.go
@@ -61,6 +61,24 @@ func TestBridge_Login(t *testing.T) {
 	})
 }
 
+func TestBridge_LoginTwice(t *testing.T) {
+	withEnv(t, func(ctx context.Context, s *server.Server, netCtl *proton.NetCtl, locator bridge.Locator, storeKey []byte) {
+		withBridge(ctx, t, s.GetHostURL(), netCtl, locator, storeKey, func(bridge *bridge.Bridge, mocks *bridge.Mocks) {
+			// Login the user.
+			userID, err := bridge.LoginFull(ctx, username, password, nil, nil)
+			require.NoError(t, err)
+
+			// The user is now connected.
+			require.Equal(t, []string{userID}, bridge.GetUserIDs())
+			require.Equal(t, []string{userID}, getConnectedUserIDs(t, bridge))
+
+			// Additional login should fail.
+			_, err = bridge.LoginFull(ctx, username, password, nil, nil)
+			require.Error(t, err)
+		})
+	})
+}
+
 func TestBridge_LoginLogoutLogin(t *testing.T) {
 	withEnv(t, func(ctx context.Context, s *server.Server, netCtl *proton.NetCtl, locator bridge.Locator, storeKey []byte) {
 		withBridge(ctx, t, s.GetHostURL(), netCtl, locator, storeKey, func(bridge *bridge.Bridge, mocks *bridge.Mocks) {