diff --git a/src/config_parser.c b/src/config_parser.c
index 5f30cd3e..bd6ab9d7 100644
--- a/src/config_parser.c
+++ b/src/config_parser.c
@@ -194,6 +194,10 @@ int ssh_config_parse_uri(const char *tok,
             if (*username == NULL) {
                 goto error;
             }
+            rc = ssh_check_username_syntax(*username);
+            if (rc != SSH_OK) {
+                goto error;
+            }
         }
         tok = endp + 1;
         /* If there is second @ character, this does not look like our URI */
diff --git a/src/misc.c b/src/misc.c
index c5213561..76a77357 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -182,6 +182,7 @@ char *ssh_get_local_username(void)
 {
     DWORD size = 0;
     char *user;
+    int rc;
 
     /* get the size */
     GetUserName(NULL, &size);
@@ -192,7 +193,10 @@ char *ssh_get_local_username(void)
     }
 
     if (GetUserName(user, &size)) {
-        return user;
+        rc = ssh_check_username_syntax(user);
+        if (rc == SSH_OK) {
+            return user;
+        }
     }
 
     return NULL;
@@ -336,8 +340,10 @@ char *ssh_get_local_username(void)
     }
 
     name = strdup(pwd.pw_name);
+    rc = ssh_check_username_syntax(name);
 
-    if (name == NULL) {
+    if (rc != SSH_OK) {
+        free(name);
         return NULL;
     }
 
diff --git a/src/options.c b/src/options.c
index 2727b873..961aba4e 100644
--- a/src/options.c
+++ b/src/options.c
@@ -738,6 +738,11 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
                     ssh_set_error_oom(session);
                     return -1;
                 }
+                rc = ssh_check_username_syntax(session->opts.username);
+                if (rc != SSH_OK) {
+                    ssh_set_error_invalid(session);
+                    return -1;
+                }
             }
             break;
         case SSH_OPTIONS_SSH_DIR: