diff --git a/cmd/backrest/backrest.go b/cmd/backrest/backrest.go
index b187d0ba..f08a5acb 100644
--- a/cmd/backrest/backrest.go
+++ b/cmd/backrest/backrest.go
@@ -62,9 +62,6 @@ func main() {
 		zap.S().Fatalf("error loading config: %v", err)
 	}
 
-	// Create the authenticator
-	authenticator := auth.NewAuthenticator(getSecret(), configStore)
-
 	var wg sync.WaitGroup
 
 	// Create / load the operation log
@@ -110,6 +107,7 @@ func main() {
 		logStore,
 	)
 
+	authenticator := auth.NewAuthenticator(getSecret(), configStore)
 	apiAuthenticationHandler := api.NewAuthenticationHandler(authenticator)
 
 	mux := http.NewServeMux()
diff --git a/cmd/devtools/oplogexport/.gitignore b/cmd/devtools/oplogexport/.gitignore
deleted file mode 100644
index c8d06248..00000000
--- a/cmd/devtools/oplogexport/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-oplog.*
\ No newline at end of file
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index cc8cb911..fdbb4046 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -12,16 +12,6 @@ import (
 	"golang.org/x/crypto/bcrypt"
 )
 
-var (
-	anonymousUser = &v1.User{
-		Name:     "default",
-		Password: &v1.User_PasswordBcrypt{PasswordBcrypt: "JDJhJDEwJDNCdzJoNFlhaWFZQy9TSDN3ZGxSRHVPZHdzV2lsNmtBSHdFSmtIWHk1dS8wYjZuUWJrMGFx"}, // default password is "password"
-	}
-	defaultUsers = []*v1.User{
-		anonymousUser,
-	}
-)
-
 type Authenticator struct {
 	config config.ConfigStore
 	key    []byte
@@ -43,7 +33,7 @@ func (a *Authenticator) Login(username, password string) (*v1.User, error) {
 		return nil, fmt.Errorf("get config: %w", err)
 	}
 	auth := config.GetAuth()
-	if auth.GetDisabled() {
+	if auth == nil || auth.GetDisabled() {
 		return nil, errors.New("authentication is disabled")
 	}
 
diff --git a/internal/config/validate.go b/internal/config/validate.go
index e5d15f12..439347f1 100644
--- a/internal/config/validate.go
+++ b/internal/config/validate.go
@@ -143,7 +143,7 @@ func validatePlan(plan *v1.Plan, repos map[string]*v1.Repo) error {
 }
 
 func validateAuth(auth *v1.Auth) error {
-	if auth.Disabled {
+	if auth == nil || auth.Disabled {
 		return nil
 	}
 
diff --git a/webui/src/views/LoginModal.tsx b/webui/src/views/LoginModal.tsx
index 0657a69b..114d33df 100644
--- a/webui/src/views/LoginModal.tsx
+++ b/webui/src/views/LoginModal.tsx
@@ -11,27 +11,6 @@ export const LoginModal = () => {
   const [form] = Form.useForm();
   const alertApi = useAlertApi()!;
 
-  useEffect(() => {
-    authenticationService
-      .login(
-        new LoginRequest({
-          username: "default",
-          password: "password",
-        })
-      )
-      .then((loginResponse) => {
-        alertApi.success(
-          "No users configured yet, logged in with default credentials",
-          5
-        );
-        setAuthToken(loginResponse.token);
-        setTimeout(() => {
-          window.location.reload();
-        }, 500);
-      })
-      .catch((e) => {});
-  }, []);
-
   const onFinish = async (values: any) => {
     const loginReq = new LoginRequest({
       username: values.username,