diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index 20d82a92..b19792e2 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -129,7 +129,9 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
 }
 function verify_ssha256($hash, $password) {
 	// Remove tag if any
-	$hash = ltrim($hash, '{SSHA256}');
+  if (substr($hash, 0, strlen('{SSHA256}')) == '{SSHA256}') {
+    $hash = substr($hash, strlen('{SSHA256}'));
+  }
 	// Decode hash
 	$dhash = base64_decode($hash);
 	// Get first 32 bytes of binary which equals a SHA256 hash