diff --git a/htdocs/create.php b/htdocs/create.php
index 990bb0ea56a230f16750739326c7f7ca4608b843..418801c2c565f9da0a5f0317ed047b7a8f493d1d 100644
--- a/htdocs/create.php
+++ b/htdocs/create.php
@@ -71,7 +71,7 @@ if (hasEmailAlreadyCreatedAnAccount($authmail)) {
 sendAPIResponse(400, createAPIResponse("general", $error_string));
 }
 
-$auth = isAuthorized(trim($authmail), trim($authsecret));
+$auth = isAuthorized(trim($authmail), trim($authsecret), trim($mbox));
 if (!$auth->success) {
 if (!empty($auth->account)) {
 $error_string = $strings["error_account_done"];
diff --git a/htdocs/helpers.php b/htdocs/helpers.php
index 3f04c83b68ba154b1a18d1cfd8676fe830b6a8cf..4b92b6eaa13ae2ff5cfb3c454ad80ba176cc0380 100644
--- a/htdocs/helpers.php
+++ b/htdocs/helpers.php
@@ -264,6 +264,21 @@ function endsWith(string $string, string $endString): bool
 return (substr($string, -$len) === $endString);
 }
 
+function usernameUsed(string $username) : bool {
+ clearstatcache();
+ if (!file_exists("/var/accounts/auth.file.done")) {
+ return false;
+ }
+ $handle = fopen("/var/accounts/auth.file.done", "r");
+ while (($line = fgets($handle)) !== false) {
+ $authParams = explode(':', $line);
+ if (in_array($username, $authParams)) {
+ return true;
+ }
+ }
+ return false;
+}
+
 function authUsed($authstr)
 {
 clearstatcache();
@@ -282,7 +297,7 @@ function authUsed($authstr)
 }
 }
 
-function isAuthorized($mail, $secret)
+function isAuthorized($mail, $secret, string $username)
 {
 $handle = fopen("/var/accounts/auth.file", "r");
 $res = new \stdClass();
@@ -290,7 +305,8 @@ function isAuthorized($mail, $secret)
 while (($line = fgets($handle)) !== false) {
 if (strcmp(trim($line), "$mail:$secret") == 0) {
 $account = authUsed(trim($line));
- if (empty($account)) {
+ $usernameUsed = usernameUsed($username);
+ if (empty($account) && !$usernameUsed) {
 $res->success = true;
 return $res;
 } else {
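Review bot: The new third argument `trim($mbox)` reaches the uniqueness check with no normalisation visible in this hunk, and `usernameUsed()` in helpers.php compares it case-sensitively against the stored fields. Two spellings that differ only in case would therefore count as different usernames. If `$mbox` is not already lower-cased and validated earlier in create.php (outside this hunk), normalise it once before both the check and the account creation, e.g. `$mbox = strtolower(trim($mbox));`, so the checked value and the stored value are the same string.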
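Review bot: `usernameUsed()` never closes the handle it opens and does not check `fopen()` for failure, so an unreadable `/var/accounts/auth.file.done` makes `fgets()` run on `false` instead of denying the request. The membership test is also looser than a uniqueness check should be. `in_array()` without the strict flag compares numeric-looking strings by value, it matches every colon-separated field of the line rather than only the username, and the last field still carries its trailing newline because `$line` is not trimmed, so a username stored last would never match. The layout of the done-file is not visible in this hunk; if the username sits at a fixed position, compare only that field. The check is also not covered by the lock the delete scripts take on the same file, so two simultaneous registrations for one name could presumably both pass it.

```php
function usernameUsed(string $username) : bool {
    // … unchanged: clearstatcache() and the file_exists() guard …
    $handle = fopen("/var/accounts/auth.file.done", "r");
    if ($handle === false) {
        // Fail closed: if the list of taken names cannot be read, do not hand the name out.
        return true;
    }
    try {
        while (($line = fgets($handle)) !== false) {
            // Drop the line terminator so the last field compares cleanly.
            $authParams = explode(':', rtrim($line, "\r\n"));
            if (in_array($username, $authParams, true)) {
                return true;
            }
        }
        return false;
    } finally {
        fclose($handle);
    }
}
```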
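Review bot: When the mail and secret match but the username is taken, the new condition `empty($account) && !$usernameUsed` sends control into the `else` branch, whose body lies outside this hunk. create.php picks its message from `$auth->account`, which comes from `authUsed()` and is empty in exactly this case, so unless the else branch records the reason the caller cannot tell "username taken" from any other failure. Consider setting it explicitly on the result, e.g. `$res->usernameTaken = $usernameUsed;`, and handling that in create.php. The previous hunk also makes `$username` a required parameter, so any caller of `isAuthorized()` other than create.php would need the same update.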
diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php
index e4db385a3726bca98d22a70b5c58dbe60e355b40..769b50d3ad7cd03d8d0487d7114581002cbc4182 100644
--- a/htdocs/postDelete.php
+++ b/htdocs/postDelete.php
@@ -40,18 +40,10 @@ function purgeAccountFiles()
 if (preg_match($regex, $line) == 1) {
 // temporarely save the line for later use on the file below
 $tmpLine = $line;
-
- unset($lines[$key]);
 }
 }
+ fclose($lockedFileDone);
 if ($tmpLine) {
- //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file
- $lines[] = "";
- $data = implode(PHP_EOL, $lines);
- ftruncate($lockedFileDone, 0);
- fwrite($lockedFileDone, $data);
- fclose($lockedFileDone);
-
 /**
 * for $AUTH_FILE, line pattern is :
 * MAIL_USED_FOR_REGISTRATION:SECRET
diff --git a/htdocs/postDeleteLDAP.php b/htdocs/postDeleteLDAP.php
index 2bf2be7b9c5772d0e5ef0948835936eb8e0e248f..d82bb11a4a4e45473684e9ff6b65f8f475efd8ba 100644
--- a/htdocs/postDeleteLDAP.php
+++ b/htdocs/postDeleteLDAP.php
@@ -40,18 +40,10 @@ function purgeAccountFiles()
 if (preg_match($regex, $line) == 1) {
 // temporarely save the line for later use on the file below
 $tmpLine = $line;
-
- unset($lines[$key]);
 }
 }
+ fclose($lockedFileDone);
 if ($tmpLine) {
- //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file
- $lines[] = "";
- $data = implode(PHP_EOL, $lines);
- ftruncate($lockedFileDone, 0);
- fwrite($lockedFileDone, $data);
- fclose($lockedFileDone);
-
 /**
 * for $AUTH_FILE, line pattern is :
 * MAIL_USED_FOR_REGISTRATION:SECRET
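Review bot: Nothing in `purgeAccountFiles()` now records that the matching line is left in `$AUTH_FILE_DONE` on purpose, so the loop reads as if a write-back had simply been forgotten. Read together with `usernameUsed()` in helpers.php, the intent appears to be that a deleted account's username stays reserved. A comment above the added `fclose($lockedFileDone);` would capture that: `// The entry is intentionally kept in $AUTH_FILE_DONE so the username cannot be registered again after deletion.` Since the file is now only read here, the exclusive lock named in the removed comment is presumably no longer required (the open call is outside the hunk) and a shared read lock would be enough. The same applies to the identical hunk in htdocs/postDeleteLDAP.php.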