diff --git a/inc/auth.php b/inc/auth.php
index 70514316c22f80887ef7b3e5cb988e17eb84c954..6a4108a7caf4964fbed1548a8ae0e7e4496806c0 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -107,7 +107,6 @@ function auth_setup(){
         //support user wildcard
         if(isset($_SERVER['REMOTE_USER'])){
             $AUTH_ACL = str_replace('%USER%',$_SERVER['REMOTE_USER'],$AUTH_ACL);
-            $AUTH_ACL = str_replace('@USER@',$_SERVER['REMOTE_USER'],$AUTH_ACL); //legacy
         }
     }
 }
@@ -569,6 +568,9 @@ function auth_nameencode($name,$skip_group=false){
     $cache =& $cache_authname;
     $name  = (string) $name;
 
+    // never encode wildcard FS#1955
+    if($name == '%USER%') return $name;
+
     if (!isset($cache[$name][$skip_group])) {
         if($skip_group && $name{0} =='@'){
             $cache[$name][$skip_group] = '@'.preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e',
diff --git a/inc/init.php b/inc/init.php
index 20263f95aba6221b271aee5217b425a81c857598..9a3eaf9c98ad57c51b2df6ed8a4f1975a432d18d 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -304,8 +304,7 @@ function init_paths(){
 function init_files(){
     global $conf;
 
-    $files = array( $conf['indexdir'].'/page.idx',
-                    $conf['indexdir'].'/title.idx');
+    $files = array($conf['indexdir'].'/page.idx');
 
     foreach($files as $file){
         if(!@file_exists($file)){
@@ -318,6 +317,22 @@ function init_files(){
             }
         }
     }
+
+    # create title index (needs to have same length as page.idx)
+    $file = $conf['indexdir'].'/title.idx';
+    if(!@file_exists($file)){
+        $pages = file($conf['indexdir'].'/page.idx');
+        $pages = count($pages);
+        $fh = @fopen($file,'a');
+        if($fh){
+            for($i=0; $i<$pages; $i++){
+                fwrite($fh,"\n");
+            }
+            fclose($fh);
+        }else{
+            nice_die("$file is not writable. Check your permissions settings!");
+        }
+    }
 }
 
 /**
diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php
index 1f666660c03061897725387240c7de92e0f6228d..673ffbc963ae1f5d53a523dbf1d5ebee8a107a09 100644
--- a/lib/plugins/acl/admin.php
+++ b/lib/plugins/acl/admin.php
@@ -96,7 +96,10 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
         if($_REQUEST['acl_t'] == '__g__' && $who){
             $this->who = '@'.ltrim($auth->cleanGroup($who),'@');
         }elseif($_REQUEST['acl_t'] == '__u__' && $who){
-            $this->who = ltrim($auth->cleanUser($who),'@');
+            $this->who = ltrim($who,'@');
+            if($this->who != '%USER%'){ #keep wildcard as is
+                $this->who = $auth->cleanUser($this->who);
+            }
         }elseif($_REQUEST['acl_t'] &&
                 $_REQUEST['acl_t'] != '__u__' &&
                 $_REQUEST['acl_t'] != '__g__'){
@@ -150,7 +153,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
                             if ($who!='@ALL') {
                                 $who = '@'.ltrim($auth->cleanGroup($who),'@');
                             }
-                        } else {
+                        } elseif ($who != '%USER%'){ #keep wildcard as is
                             $who = $auth->cleanUser($who);
                         }
                         $who = auth_nameencode($who,true);