diff --git a/src/auth.rs b/src/auth.rs
index 86256d7..f9e62b4 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -204,8 +204,12 @@ impl<S: CredentialStore + Clone> AuthManager<S> {
             return AuthStatus::Granted { username, key };
         }
 
-        let key_hex = hex::encode(&key);
-        warn!("auth reject: bad credentials username={} realm={} peer={} a1_md5={} (debug)", username, realm, peer, key_hex);
+        // No acceptance without MI validation.
+        let mi_attr = find_message_integrity(msg).map(|a| hex::encode(&a.value));
+        let mi_long = hex::encode(&crate::stun::compute_message_integrity(&key, msg.raw.as_slice()));
+        let mi_short = hex::encode(&crate::stun::compute_message_integrity(short_key, msg.raw.as_slice()));
+        warn!("auth reject: bad credentials username={} realm={} peer={} a1_md5={} mi_attr={:?} mi_long(fullmsg)={} mi_short(fullmsg)={}",
+            username, realm, peer, hex::encode(&key), mi_attr, mi_long, mi_short);
         AuthStatus::Reject {
             code: 401,
             reason: "Bad Credentials",