diff --git a/packages/gatekeeper/src/app/login/page.tsx b/packages/gatekeeper/src/app/login/page.tsx
index 410641c..6d901fa 100644
--- a/packages/gatekeeper/src/app/login/page.tsx
+++ b/packages/gatekeeper/src/app/login/page.tsx
@@ -17,8 +17,8 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
 async function login(formData: FormData) {
 "use server";
- const email = formData.get("email") as string;
- const password = formData.get("password") as string;
+ const email = (formData.get("email") as string || "").trim();
+ const password = (formData.get("password") as string || "").trim();
 const expectedCode = process.env.GATEKEEPER_PASSWORD || "mintel";
 const adminEmail = process.env.DIRECTUS_ADMIN_EMAIL;
@@ -31,19 +31,19 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
 let userIdentity = "";
 let userCompany: any = null;
- // 1. Check Global Admin (from ENV)
- if (
+ // 1. Check Generic Code (Guest) - High Priority to prevent autofill traps
+ if (password === expectedCode) {
+ userIdentity = "Guest";
+ }
+ // 2. Check Global Admin (from ENV)
+ else if (
 adminEmail &&
 adminPassword &&
- email === adminEmail &&
- password === adminPassword
+ email === adminEmail.trim() &&
+ password === adminPassword.trim()
 ) {
 userIdentity = "Admin";
 }
- // 2. Check Generic Code (Guest)
- else if (!email && password === expectedCode) {
- userIdentity = "Guest";
- }
 // 3. Check Lightweight Client Users (dedicated collection)
 if (email && password && process.env.INFRA_DIRECTUS_URL) {
 try {
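Review bot: The context line `const expectedCode = process.env.GATEKEEPER_PASSWORD || "mintel";` falls back to a literal that sits in the source file, so a deployment where the variable is unset accepts a known guest code; this carries more weight now that the guest branch no longer requires an empty email. Failing closed is safer: read `process.env.GATEKEEPER_PASSWORD` without a default and reject the login when it is missing. Separately, on the two added lines `formData.get(...)` can return a `File`, which the `as string` cast hides and on which `.trim()` throws; narrowing with `typeof raw === "string" ? raw.trim() : ""` avoids that. The `login` action begins in this hunk and continues past it.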
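Review bot: With the guest branch moved first and `!email` dropped, any submitted email paired with the shared code resolves to Guest, yet step 3 is still a plain `if (email && password && ...)`, so the same request continues into the client-user lookup carrying the shared code as its password. That block runs past the end of the hunk, so whether it can overwrite `userIdentity` or set `userCompany` is not visible here and should be checked. Guarding it as `if (!userIdentity && email && password && process.env.INFRA_DIRECTUS_URL) {` would keep the three branches exclusive, provided Admin logins do not depend on step 3 running. The secret checks also use `===`; hashing both sides to a fixed length and comparing with `crypto.timingSafeEqual` removes the timing dependence on how much of the value matched.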