diff --git a/check-sftp-user.sh b/check-sftp-user.sh
index f7c0038..f2dcf35 100644
--- a/check-sftp-user.sh
+++ b/check-sftp-user.sh
@@ -58,19 +58,26 @@ echo
 echo "=== 2. USER GROUPS CHECK ==="
 if id "$USERNAME" &>/dev/null; then
-    GROUPS=$(id -Gn "$USERNAME")
-    if echo "$GROUPS" | grep -q "sftpusers"; then
+    GROUPS=$(id -Gn "$USERNAME" 2>/dev/null)
+    GROUPS_LIST="$GROUPS"
+
+    # Debug: Show actual groups
+    echo " All groups: $GROUPS_LIST"
+
+    # Check for sftpusers or sshusers group
+    if echo "$GROUPS_LIST" | grep -qw "sftpusers"; then
         print_status "OK" "User is in sftpusers group (SFTP-only access)"
-    elif echo "$GROUPS" | grep -q "sshusers"; then
+    elif echo "$GROUPS_LIST" | grep -qw "sshusers"; then
         print_status "OK" "User is in sshusers group (SSH+SFTP access)"
     else
         print_status "ERROR" "User is NOT in sftpusers or sshusers group!"
-        echo " Current groups: $GROUPS"
+        echo " Current groups: $GROUPS_LIST"
         echo " Fix: usermod -aG sftpusers $USERNAME (for SFTP-only)"
         echo " Fix: usermod -aG sshusers $USERNAME (for SSH+SFTP)"
     fi
-    if echo "$GROUPS" | grep -q "litespeed"; then
+    # Check for litespeed group
+    if echo "$GROUPS_LIST" | grep -qw "litespeed"; then
         print_status "OK" "User is in litespeed group"
     else
         print_status "WARNING" "User is NOT in litespeed group (may affect file access)"
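Review bot: Under bash, which the `&>/dev/null` redirection on the `if id` line implies, `GROUPS` is a special array variable holding the running user's own group IDs and bash documents assignments to it as having no effect, so `GROUPS=$(id -Gn "$USERNAME" 2>/dev/null)` does nothing and `GROUPS_LIST="$GROUPS"` copies the first GID of whoever runs the script (for root, `0`) rather than the target user's group names. The new debug line will print exactly that, and both `grep -qw` checks will keep reporting ERROR/WARNING for correctly provisioned users; the second hunk already side-steps this by switching to `AUTH_GROUPS`, but this hunk does not. Replace the two assignment lines with one ordinary variable, `GROUPS_LIST=$(id -Gn "$USERNAME" 2>/dev/null)`, and keep the remaining `$GROUPS_LIST` references as they are. Note also that `grep -w` still matches a group such as `sftpusers-old`; an exact match is `id -Gn "$USERNAME" | tr ' ' '\n' | grep -qx sftpusers`. The enclosing `if id` block continues past the end of the hunk.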
@@ -301,20 +308,22 @@ echo
 echo "=== 9. AUTHENTICATION TEST (SIMULATED) ==="
 if id "$USERNAME" &>/dev/null; then
     USER_SHELL=$(getent passwd $USERNAME | cut -d: -f7)
+    AUTH_GROUPS=$(id -Gn "$USERNAME" 2>/dev/null)
+
     if [ "$USER_SHELL" = "/sbin/nologin" ]; then
-        GROUPS=$(id -Gn "$USERNAME")
-        if echo "$GROUPS" | grep -q "sftpusers"; then
+        if echo "$AUTH_GROUPS" | grep -qw "sftpusers"; then
             print_status "OK" "User configured for SFTP-only (nologin shell + sftpusers group)"
             echo " Note: This user can ONLY use SFTP, not SSH shell access"
         else
             print_status "ERROR" "User has nologin shell but NOT in sftpusers group!"
+            echo " Current groups: $AUTH_GROUPS"
         fi
     elif [ "$USER_SHELL" = "/bin/bash" ] || [ "$USER_SHELL" = "/bin/sh" ]; then
-        GROUPS=$(id -Gn "$USERNAME")
-        if echo "$GROUPS" | grep -q "sshusers"; then
+        if echo "$AUTH_GROUPS" | grep -qw "sshusers"; then
             print_status "OK" "User configured for SSH+SFTP (bash shell + sshusers group)"
         else
             print_status "ERROR" "User has bash shell but NOT in sshusers group!"
+            echo " Current groups: $AUTH_GROUPS"
             echo " Fix: usermod -aG sshusers $USERNAME"
         fi
     else
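Review bot: The new `grep -qw "sftpusers"` branch reports "User configured for SFTP-only" on a nologin shell plus group membership alone, but neither of those confines the session to SFTP: sshd enforces that only through a `Match Group sftpusers` block with `ForceCommand internal-sftp` (typically with `ChrootDirectory`), and with the stock `sftp-server` subsystem a nologin shell blocks SFTP as well, because sshd launches the subsystem through the user's shell. Unless one of the sections not visible here (3–8) verifies that sshd_config block, this OK message can be falsely reassuring; at minimum reword the note, e.g. `echo "  Note: SFTP-only enforcement still depends on a Match Group sftpusers / ForceCommand internal-sftp block in sshd_config"`, or add a check for that block. The `/sbin/nologin` comparison on the `if` line also misses `/usr/sbin/nologin` and `/bin/false`, common on Debian/Ubuntu, so such users fall through to the `else` branch that starts outside the hunk. The enclosing `if id` block ends past the hunk as well.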