diff --git a/awx/main/backends.py b/awx/main/backends.py
new file mode 100644
index 0000000000..722b94805f
--- /dev/null
+++ b/awx/main/backends.py
@@ -0,0 +1,14 @@
+import logging
+
+from django.conf import settings
+from django.contrib.auth.backends import ModelBackend
+
+logger = logging.getLogger('awx.main.backends')
+
+
+class AWXModelBackend(ModelBackend):
+    def authenticate(self, request, **kwargs):
+        if settings.DISABLE_LOCAL_AUTH:
+            logger.warning(f"User '{kwargs['username']}' attempted login through the disabled local authentication system.")
+            return
+        return super().authenticate(request, **kwargs)
diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py
index 31100f11b3..c2ac5f4b02 100644
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@@ -364,7 +364,7 @@ AUTHENTICATION_BACKENDS = (
     'social_core.backends.github_enterprise.GithubEnterpriseTeamOAuth2',
     'social_core.backends.azuread.AzureADOAuth2',
     'awx.sso.backends.SAMLAuth',
-    'django.contrib.auth.backends.ModelBackend',
+    'awx.main.backends.AWXModelBackend',
 )
 
 
diff --git a/awx/sso/fields.py b/awx/sso/fields.py
index c2ad629d6f..deef330842 100644
--- a/awx/sso/fields.py
+++ b/awx/sso/fields.py
@@ -196,6 +196,7 @@ class AuthenticationBackendsField(fields.StringListField):
                 ],
             ),
             ('django.contrib.auth.backends.ModelBackend', []),
+            ('awx.main.backends.AWXModelBackend', []),
         ]
     )