diff --git a/basic_auth.go b/basic_auth.go
index 181d8a3..caffafa 100644
--- a/basic_auth.go
+++ b/basic_auth.go
@@ -48,6 +48,11 @@ func (b basicAuth) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 func (b *basicAuth) authenticate(r *http.Request) bool {
 const basicScheme string = "Basic "
 
+ // Prevent authentication with empty credentials if User and Password is not set
+ if b.opts.User == "" || b.opts.Password == "" {
+ return false
+ }
+
 // Confirm the request is sending Basic Authentication credentials.
 auth := r.Header.Get("Authorization")
 if !strings.HasPrefix(auth, basicScheme) {
diff --git a/basic_auth_test.go b/basic_auth_test.go
index d5166d8..4dcd5e0 100644
--- a/basic_auth_test.go
+++ b/basic_auth_test.go
@@ -42,3 +42,11 @@ func TestBasicAuthAuthenticate(t *testing.T) {
 t.Fatal("Failed on correct credentials")
 }
 }
+
+func TestBasicAuthAutenticateWithouUserAndPass(t *testing.T) {
+ b := basicAuth{opts: AuthOptions{}}
+
+ if b.authenticate(nil) {
+ t.Fatal("Should not authenticate if user or pass are not set on opts")
+ }
+}
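Review bot: The comment on the new guard says "if User and Password is not set", but the condition `b.opts.User == "" || b.opts.Password == ""` rejects every request when either field is empty; that fail-closed behaviour is the right one, and the comment should state it. I would word it as `// Fail closed: reject every request when User or Password is unset, so empty credentials can never match.` Because the guard returns before the request is read, a handler built with empty options answers every request as unauthenticated with no signal to the operator; if the constructor (not visible here) does not already reject or log that configuration, it is worth doing there. authenticate's body continues outside the hunk.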
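Review bot: The new test covers only the case where both fields are empty and passes a nil request, so it succeeds solely because the guard returns before `r.Header` is read; if the guard were moved or removed the test would panic instead of failing, and no request carrying empty credentials is ever exercised. The `||` in the guard is not pinned either, since options with only User or only Password set are untested. A table-driven version that builds a real request and sends the configured values covers all three cases; the sketch below assumes net/http is already imported by this test file. The test name also has two typos (`Autenticate`, `Withou`).

```go
func TestBasicAuthAuthenticateWithoutUserAndPass(t *testing.T) {
	// Constructed sample options: each leaves at least one credential unset.
	cases := []AuthOptions{
		{},
		{User: "john"},
		{Password: "secret"},
	}

	for i, opts := range cases {
		b := basicAuth{opts: opts}

		r, err := http.NewRequest(http.MethodGet, "/", nil)
		if err != nil {
			t.Fatal(err)
		}
		// Send exactly what is configured, so only the guard can reject it.
		r.SetBasicAuth(opts.User, opts.Password)

		if b.authenticate(r) {
			t.Fatalf("case %d: should not authenticate if user or pass are not set on opts", i)
		}
	}
}
```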