diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index 8747854406..5af4df58b9 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -278,7 +278,7 @@ function sanitize_user( $username, $strict = false ) {
 
 	// If strict, reduce to ASCII for max portability.
 	if ( $strict )
-		$username = preg_replace('|[^a-z0-9 _.-@]|i', '', $username);
+		$username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
 
 	return apply_filters('sanitize_user', $username, $raw_username, $strict);
 }