diff --git a/VERSION b/VERSION
index 09ce7d84..0413134b 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-Version 2.4.2-stable+timestamp.2013.03.11.14.22.04
+Version 2.4.2-stable+timestamp.2013.03.11.14.27.56
diff --git a/gluon/tools.py b/gluon/tools.py
index e7d9f2c6..2759173c 100644
--- a/gluon/tools.py
+++ b/gluon/tools.py
@@ -1789,8 +1789,8 @@ class Auth(object):
             if basic_auth_realm:
                 raise http_401
             return (True, False, False)
-        (username, password) = base64.b64decode(basic[6:]).split(':')
-        is_valid_user = self.login_bare(username, password)
+        (username, sep, password) = base64.b64decode(basic[6:]).partition(':')
+        is_valid_user = sep and self.login_bare(username, password)
         if not is_valid_user and basic_auth_realm:
             raise http_401
         return (True, True, is_valid_user)