diff --git a/libs/common/src/vault/models/domain/login.ts b/libs/common/src/vault/models/domain/login.ts
index 92e6f69ec8..dfd95f83d7 100644
--- a/libs/common/src/vault/models/domain/login.ts
+++ b/libs/common/src/vault/models/domain/login.ts
@@ -69,6 +69,11 @@ export class Login extends Domain {
     if (this.uris != null) {
       view.uris = [];
       for (let i = 0; i < this.uris.length; i++) {
+        // If the uri is null, there is nothing to decrypt or validate
+        if (this.uris[i].uri == null) {
+          continue;
+        }
+
         const uri = await this.uris[i].decrypt(orgId, encKey);
         // URIs are shared remotely after decryption
         // we need to validate that the string hasn't been changed by a compromised server
diff --git a/libs/common/src/vault/services/cipher.service.ts b/libs/common/src/vault/services/cipher.service.ts
index 1f6581b333..d2d28c2d81 100644
--- a/libs/common/src/vault/services/cipher.service.ts
+++ b/libs/common/src/vault/services/cipher.service.ts
@@ -1374,7 +1374,7 @@ export class CipherService implements CipherServiceAbstraction {
 
         if (model.login.uris != null) {
           cipher.login.uris = [];
-          model.login.uris = model.login.uris.filter((u) => u.uri != null);
+          model.login.uris = model.login.uris.filter((u) => u.uri != null && u.uri !== "");
           for (let i = 0; i < model.login.uris.length; i++) {
             const loginUri = new LoginUri();
             loginUri.match = model.login.uris[i].match;