diff --git a/src/Application/Controller/Admin/d3webauthnadminlogin.php b/src/Application/Controller/Admin/d3webauthnadminlogin.php
index b44e342..5686d84 100755
--- a/src/Application/Controller/Admin/d3webauthnadminlogin.php
+++ b/src/Application/Controller/Admin/d3webauthnadminlogin.php
@@ -15,6 +15,9 @@ declare(strict_types=1);
 
 namespace D3\Webauthn\Application\Controller\Admin;
 
+use Assert\Assert;
+use Assert\AssertionFailedException;
+use Assert\InvalidArgumentException;
 use D3\TestingTools\Production\IsMockable;
 use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
 use D3\Webauthn\Application\Model\Webauthn;
@@ -125,7 +128,7 @@ class d3webauthnadminlogin extends AdminController
             return $login->adminLogin(
                 d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('profile')
             );
-        } catch (WebauthnGetException $e) {
+        } catch (WebauthnGetException|AssertionFailedException $e) {
             d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class)->addErrorToDisplay($e);
             return 'login';
         }
@@ -165,16 +168,19 @@ class d3webauthnadminlogin extends AdminController
 
     /**
      * @return WebauthnLogin
+     * @throws InvalidArgumentException
      */
     protected function getWebAuthnLogin(): WebauthnLogin
     {
         /** @var Request $request */
         $request = d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class);
 
-        return oxNew(
-            WebauthnLogin::class,
-            $request->getRequestEscapedParameter('credential'),
-            $request->getRequestEscapedParameter('error')
-        );
+        $credential = $request->getRequestEscapedParameter('credential');
+        $error = $request->getRequestEscapedParameter('error');
+
+        Assert::that($credential)->string('credential value expected to be string');
+        Assert::that($error)->string('error value expected to be string');
+
+        return oxNew(WebauthnLogin::class, $credential, $error);
     }
 }
diff --git a/src/Modules/Application/Component/d3_webauthn_UserComponent.php b/src/Modules/Application/Component/d3_webauthn_UserComponent.php
index 00f3b91..a09ee4d 100755
--- a/src/Modules/Application/Component/d3_webauthn_UserComponent.php
+++ b/src/Modules/Application/Component/d3_webauthn_UserComponent.php
@@ -17,6 +17,7 @@ namespace D3\Webauthn\Modules\Application\Component;
 
 use Assert\Assert;
 use Assert\AssertionFailedException;
+use Assert\InvalidArgumentException;
 use D3\TestingTools\Production\IsMockable;
 use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
 use D3\Webauthn\Application\Model\Exceptions\WebauthnLoginErrorException;
@@ -163,6 +164,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
 
     /**
      * @return WebauthnLogin
+     * @throws InvalidArgumentException
      */
     protected function d3GetWebauthnLogin(): WebauthnLogin
     {
@@ -172,8 +174,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
         $credential = $request->getRequestEscapedParameter('credential');
         $error = $request->getRequestEscapedParameter('error');
 
-        Assert::that($credential)->string('credential value expected to be string')
-            ->notEmpty('credential value expected contained content');
+        Assert::that($credential)->string('credential value expected to be string');
         Assert::that($error)->string('error value expected to be string');
 
         return oxNew(WebauthnLogin::class, $credential, $error);