diff --git a/core/admin/mailu/limiter.py b/core/admin/mailu/limiter.py
index 47658ba4..f02b1662 100644
--- a/core/admin/mailu/limiter.py
+++ b/core/admin/mailu/limiter.py
@@ -72,7 +72,7 @@ class LimitWraperFactory(object):
         limiter = self.get_limiter(app.config["AUTH_RATELIMIT_USER"], 'auth-user')
         if self.is_subject_to_rate_limits(ip):
             truncated_password = hmac.new(bytearray(username, 'utf-8'), bytearray(password, 'utf-8'), 'sha256').hexdigest()[-6:]
-            if password and self.storage.get(f'dedup2-{username}-{truncated_password}') > 0:
+            if password and (self.storage.get(f'dedup2-{username}-{truncated_password}') > 0):
                 return
             self.storage.incr(f'dedup2-{username}-{truncated_password}', limits.parse(app.config['AUTH_RATELIMIT_USER']).GRANULARITY.seconds, True)
             limiter.hit(device_cookie if device_cookie_name == username else username)