diff --git a/auth.inc.php b/auth.inc.php
index 592b23ef..92a177a8 100644
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -70,8 +70,12 @@ function auth_error() {
 	page_footer("auth");
 }
 
-$username = $_SESSION["usernames"][$_GET["server"]];
+$username = &$_SESSION["usernames"][$_GET["server"]];
+if (!isset($username)) {
+	$username = $_GET["username"];
+}
 if (!isset($username) || !$mysql->connect($_GET["server"], $username, $_SESSION["passwords"][$_GET["server"]])) {
 	auth_error();
 	exit;
 }
+unset($username);
diff --git a/todo.txt b/todo.txt
index 334558b9..669d32d1 100644
--- a/todo.txt
+++ b/todo.txt
@@ -9,7 +9,6 @@ Bulk update - leave original, set to value, set to NULL
 Save uploaded files after error to session variable instead of hidden field
 Transactions in export
 Compress export and import
-Access without login - accept $_GET
 ? Query print
 ? Execution time in sql.inc.php
 ? Save token also to cookie - for session expiration and login in other window