diff --git a/lib/request.js b/lib/request.js
index 385a31d529..8362b328f9 100644
--- a/lib/request.js
+++ b/lib/request.js
@@ -387,8 +387,10 @@ req.__defineGetter__('auth', function(){
   if (!auth) return;
 
   // malformed
-  auth = auth.split(' ')[1];
-  if (!auth) return;
+  var parts = auth.split(' ');
+  if ('basic' != parts[0].toLowerCase()) return;
+  if (!parts[1]) return;
+  auth = parts[1];
 
   // credentials
   auth = new Buffer(auth, 'base64').toString().split(':');
diff --git a/test/req.auth.js b/test/req.auth.js
index d09cecf1d5..7d4f37fc62 100644
--- a/test/req.auth.js
+++ b/test/req.auth.js
@@ -33,6 +33,21 @@ describe('req', function(){
       })
     })
 
+    describe('when Authorization is not Basic', function(){
+      it('should return undefined', function(done){
+        var app = express();
+
+        app.get('/', function(req, res){
+          res.send(req.auth || 'none');
+        });
+
+        request(app)
+        .get('/')
+        .set('Authorization', 'Meow dG9iaTpmZXJyZXQ')
+        .expect('none', done)
+      })
+    })
+
     it('should return .username and .password', function(done){
       var app = express();