diff --git a/server/modules/authenticator/MySQLAuth/dbusers.c b/server/modules/authenticator/MySQLAuth/dbusers.c
index 7ae3717a3..b8b05b219 100644
--- a/server/modules/authenticator/MySQLAuth/dbusers.c
+++ b/server/modules/authenticator/MySQLAuth/dbusers.c
@@ -463,7 +463,7 @@ bool validate_mysql_user(sqlite3 *handle, DCB *dcb, MYSQL_session *session,
     char *err;
 
     sprintf(sql, mysqlauth_validate_user_query, session->user, dcb->remote,
-            session->db, session->db);
+            dcb->remote, session->db, session->db);
 
     struct user_query_result res = {};
 
@@ -482,7 +482,7 @@ bool validate_mysql_user(sqlite3 *handle, DCB *dcb, MYSQL_session *session,
         char client_hostname[MYSQL_HOST_MAXLEN];
         wildcard_domain_match(dcb->remote, client_hostname);
         sprintf(sql, mysqlauth_validate_user_query, session->user, client_hostname,
-                session->db, session->db);
+                client_hostname, session->db, session->db);
 
         if (sqlite3_exec(handle, sql, auth_cb, &res, &err) != SQLITE_OK)
         {
diff --git a/server/modules/authenticator/MySQLAuth/mysql_auth.h b/server/modules/authenticator/MySQLAuth/mysql_auth.h
index 8e6713f5a..6036a7ea1 100644
--- a/server/modules/authenticator/MySQLAuth/mysql_auth.h
+++ b/server/modules/authenticator/MySQLAuth/mysql_auth.h
@@ -61,7 +61,7 @@ static const char databases_create_sql[] =
 /** Query that checks if there's a grant for the user being authenticated */
 static const char mysqlauth_validate_user_query[] =
     "SELECT password FROM " MYSQLAUTH_USERS_TABLE_NAME
-    " WHERE user = '%s' AND '%s' LIKE host AND (anydb = '1' OR '%s' = '' OR '%s' LIKE db)"
+    " WHERE user = '%s' AND ( '%s' = host OR '%s' LIKE host) AND (anydb = '1' OR '%s' = '' OR '%s' LIKE db)"
     " LIMIT 1";
 
 /** Query that checks that the database exists */