diff --git a/include/errmsg.h b/include/errmsg.h
index 300da39e..6bcf50ad 100644
--- a/include/errmsg.h
+++ b/include/errmsg.h
@@ -66,6 +66,7 @@ extern const char *client_errors[];	/* Error messages */
 #define CR_PARAMS_NOT_BOUND     2031
 #define CR_INVALID_PARAMETER_NO  2034
 #define CR_UNSUPPORTED_PARAM_TYPE 2036
+#define CR_SECURE_AUTH          2049
 #define CR_NO_DATA              2051
 #define CR_NO_STMT_METADATA     2052
 #define CR_NOT_IMPLEMENTED      2054
diff --git a/libmariadb/errmsg.c b/libmariadb/errmsg.c
index 80a42e38..fd51c998 100644
--- a/libmariadb/errmsg.c
+++ b/libmariadb/errmsg.c
@@ -129,7 +129,7 @@ const char *client_errors[]=
 /* 2046 */  "",
 /* 2047 */  "",
 /* 2048 */  "",
-/* 2049 */  "",
+/* 2049 */  "Connection with old authentication protocol refused.",
 /* 2050 */  "",
 /* 2051 */  "",
 /* 2052 */  "Prepared statement contains no metadata",
diff --git a/libmariadb/libmariadb.c b/libmariadb/libmariadb.c
index ed234aa4..aff94cd3 100644
--- a/libmariadb/libmariadb.c
+++ b/libmariadb/libmariadb.c
@@ -1866,7 +1866,15 @@ MYSQL *mthd_my_real_connect(MYSQL *mysql, const char *host, const char *user,
       scramble_plugin= native_password_plugin_name;
     }
   } else
+  {
     mysql->server_capabilities&= ~CLIENT_SECURE_CONNECTION;
+    if (mysql->options.secure_auth)
+    {
+      SET_CLIENT_ERROR(mysql, CR_SECURE_AUTH, unknown_sqlstate, 0);
+      goto error;
+    }
+  }
+   
 
   /* Set character set */
   if (mysql->options.charset_name)
@@ -3076,7 +3084,9 @@ mysql_optionsv(MYSQL *mysql,enum mysql_option option, ...)
       }
     }
     break;
-
+  case MYSQL_SECURE_AUTH:
+    mysql->options.secure_auth= *(my_bool *)arg1;
+    break;
   default:
     va_end(ap);
     DBUG_RETURN(-1);