diff --git a/cake/libs/controller/components/auth/base_authenticate.php b/cake/libs/controller/components/auth/base_authenticate.php
index 8c9fb145d..0753640f8 100644
--- a/cake/libs/controller/components/auth/base_authenticate.php
+++ b/cake/libs/controller/components/auth/base_authenticate.php
@@ -59,6 +59,36 @@ abstract class BaseAuthenticate {
 return Security::hash($password, null, true);
 }
 
+/**
+ * Find a user record using the standard options.
+ *
+ * @param string $username The username/identifier.
+ * @param string $password The unhashed password.
+ * @return Mixed Either false on failure, or an array of user data.
+ */
+ protected function _findUser($username, $password) {
+ $userModel = $this->settings['userModel'];
+ list($plugin, $model) = pluginSplit($userModel);
+ $fields = $this->settings['fields'];
+
+ $conditions = array(
+ $model . '.' . $fields['username'] => $username,
+ $model . '.' . $fields['password'] => $this->hash($password),
+ );
+ if (!empty($this->settings['scope'])) {
+ $conditions = array_merge($conditions, $this->settings['scope']);
+ }
+ $result = ClassRegistry::init($userModel)->find('first', array(
+ 'conditions' => $conditions,
+ 'recursive' => 0
+ ));
+ if (empty($result) || empty($result[$model])) {
+ return false;
+ }
+ unset($result[$model][$fields['password']]);
+ return $result[$model];
+ }
+
 /**
 * Authenticate a user based on the request information.
 *
diff --git a/cake/libs/controller/components/auth/basic_authenticate.php b/cake/libs/controller/components/auth/basic_authenticate.php
index 0ce840ca5..3d6cbc845 100644
--- a/cake/libs/controller/components/auth/basic_authenticate.php
+++ b/cake/libs/controller/components/auth/basic_authenticate.php
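Review bot: `_findUser()` in base_authenticate.php verifies the password inside the query by putting `$this->hash($password)` into the find conditions, so every authenticator that shares this helper depends on a deterministic hash (the context line shows `hash()` calling `Security::hash($password, null, true)`) and on the database's own string comparison. Now that the lookup lives in one place, consider selecting by username and scope only and comparing the stored hash in PHP, which would allow a per-user salt or a slower hash later without touching the subclasses. Separately, `array_merge($conditions, $this->settings['scope'])` lets a misconfigured scope key that collides with the username or password key replace the credential condition; `array_merge($this->settings['scope'], $conditions)` would make the credential conditions win. The docblock should also state that the password field is removed from the returned array.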
@@ -66,30 +66,16 @@ class BasicAuthenticate extends BaseAuthenticate {
 return false;
 }
 
- $userModel = $this->settings['userModel'];
- list($plugin, $model) = pluginSplit($userModel);
- $fields = $this->settings['fields'];
+ $result = $this->_findUser($username, $pass);
 
- $conditions = array(
- $model . '.' . $fields['username'] => $username,
- $model . '.' . $fields['password'] => $this->hash($pass),
- );
- if (!empty($this->settings['scope'])) {
- $conditions = array_merge($conditions, $this->settings['scope']);
- }
- $result = ClassRegistry::init($userModel)->find('first', array(
- 'conditions' => $conditions,
- 'recursive' => 0
- ));
- if (empty($result) || empty($result[$model])) {
+ if (empty($result)) {
 $response->header($this->loginHeaders());
 $response->header('Location', Router::reverse($request));
 $response->statusCode(401);
 $response->send();
 return false;
 }
- unset($result[$model][$fields['password']]);
- return $result[$model];
+ return $result;
 }
 
 /**
diff --git a/cake/libs/controller/components/auth/form_authenticate.php b/cake/libs/controller/components/auth/form_authenticate.php
index 24b472376..d24d9acf2 100644
--- a/cake/libs/controller/components/auth/form_authenticate.php
+++ b/cake/libs/controller/components/auth/form_authenticate.php
@@ -58,22 +58,10 @@ class FormAuthenticate extends BaseAuthenticate {
 ) {
 return false;
 }
- $conditions = array(
- $model . '.' . $fields['username'] => $request->data[$model][$fields['username']],
- $model . '.' . $fields['password'] => $this->hash($request->data[$model][$fields['password']]),
+ return $this->_findUser(
+ $request->data[$model][$fields['username']],
+ $request->data[$model][$fields['password']]
 );
- if (!empty($this->settings['scope'])) {
- $conditions = array_merge($conditions, $this->settings['scope']);
- }
- $result = ClassRegistry::init($userModel)->find('first', array(
- 'conditions' => $conditions,
- 'recursive' => 0
- ));
- if (empty($result) || empty($result[$model])) {
- return false;
- }
- unset($result[$model][$fields['password']]);
- return $result[$model];
 }
 
 }
\ No newline at end of file
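Review bot: The two values handed to `_findUser()` come straight from `$request->data`, and nothing visible in this hunk checks that they are strings. The guard before the call starts outside the hunk, so this may already be covered there. If it is not, a non-string username would reach the find conditions as an array value, which Cake's model layer treats as a set match rather than an equality test, and a non-string password would be passed to `hash()`. A check such as `if (!is_string($username) || !is_string($password)) { return false; }` at the top of `_findUser()` would cover both authenticators in one place.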