diff --git a/authplugin.cpp b/authplugin.cpp
index b0590b2..ba9e144 100644
--- a/authplugin.cpp
+++ b/authplugin.cpp
@@ -454,7 +454,7 @@ AuthResult Authentication::aclCheckFromMosquittoAclFile(const std::string &clien
 
 AuthResult Authentication::unPwdCheckFromMosquittoPasswordFile(const std::string &username, const std::string &password)
 {
-    if (this->mosquittoPasswordFile.empty())
+    if (this->mosquittoPasswordFile.empty() && settings.allowAnonymous)
         return AuthResult::success;
 
     if (!this->mosquittoPasswordEntries)
diff --git a/mainapp.cpp b/mainapp.cpp
index c037a18..4826e1a 100644
--- a/mainapp.cpp
+++ b/mainapp.cpp
@@ -434,6 +434,8 @@ void MainApp::start()
         // No threads for execution stability/determinism.
         num_threads = 0;
 
+        settings->allowAnonymous = true;
+
         int fd = open(fuzzFilePath.c_str(), O_RDONLY);
         assert(fd > 0);
 
diff --git a/mqttpacket.cpp b/mqttpacket.cpp
index 4ec5ad3..c34ba3e 100644
--- a/mqttpacket.cpp
+++ b/mqttpacket.cpp
@@ -349,7 +349,11 @@ void MqttPacket::handleConnect()
         bool accessGranted = false;
         std::string denyLogMsg;
 
-        if (!settings.allowUnsafeUsernameChars && containsDangerousCharacters(username))
+        if (!user_name_flag && settings.allowAnonymous)
+        {
+            accessGranted = true;
+        }
+        else if (!settings.allowUnsafeUsernameChars && containsDangerousCharacters(username))
         {
             denyLogMsg = formatString("Username '%s' has + or # in the id and 'allow_unsafe_username_chars' is false.", username.c_str());
             sender->setDisconnectReason("Invalid username character");