diff --git a/login.php b/login.php
index 4c7f3b6c12bd668c205d686803b5058d0847fca5..f19c1a3ec8897bb98784793e29222693af5a3277 100644
--- a/login.php
+++ b/login.php
@@ -86,7 +86,7 @@ elseif ($_POST && isset($_POST['lticket'])) {
             Http::redirect('tickets.php');
 
         // This will succeed as it is checked in the authentication backend
-        $ticket = Ticket::lookupByNumber($_POST['lticket']);
+        $ticket = Ticket::lookupByNumber($_POST['lticket'], $_POST['lemail']);
 
         // We're using authentication backend so we can guard aganist brute
         // force attempts (which doesn't buy much since the link is emailed)