diff --git a/authserv/ldap_model.py b/authserv/ldap_model.py
index ae9aadb516dd5b269cc47f3bb0a8fdea982e099a..ac1225a2a351d81b19831beb068def12992156fc 100644
--- a/authserv/ldap_model.py
+++ b/authserv/ldap_model.py
@@ -116,7 +116,14 @@ class User(model.User):
                 self._otp_enabled = True
                 self._totp_secret = values[0]
             elif key == SCHEMA['app_specific_password']:
-                self._asps = [v.split(':', 1) for v in values]
+                # Format is service:password:comment. Ignore the
+                # comment, and avoid dying on malformed input.
+                self._asps = []
+                for v in values:
+                    try:
+                        self._asps.append(v.split(':')[:2])
+                    except:
+                        pass
             elif key == SCHEMA['shard']:
                 self._shard = values[0]