diff --git a/src/httpd.js.c b/src/httpd.js.c
index 84224e96..d29bc122 100644
--- a/src/httpd.js.c
+++ b/src/httpd.js.c
@@ -1351,11 +1351,10 @@ static bool _verify_password(const char* password, const char* hash)
 	return out_hash && strcmp(hash, out_hash) == 0;
 }
 
-static bool _make_administrator_if_first(tf_ssb_t* ssb, const char* account_name_copy, bool may_become_first_admin)
+static bool _make_administrator_if_first(tf_ssb_t* ssb, JSContext* context, const char* account_name_copy, bool may_become_first_admin)
 {
-	JSContext* context = tf_ssb_get_context(ssb);
 	const char* settings = tf_ssb_db_get_property(ssb, "core", "settings");
-	JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
+	JSValue settings_value = settings && *settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
 	if (JS_IsUndefined(settings_value))
 	{
 		settings_value = JS_NewObject(context);
@@ -1523,7 +1522,7 @@ static void _httpd_endpoint_login_work(tf_ssb_t* ssb, void* user_data)
 		tf_free(post_form_data);
 	}
 
-	bool have_administrator = _make_administrator_if_first(ssb, account_name_copy, may_become_first_admin);
+	bool have_administrator = _make_administrator_if_first(ssb, context, account_name_copy, may_become_first_admin);
 
 	if (session_is_new && _form_data_get(form_data, "return") && !login_error)
 	{