diff --git a/radicale/__init__.py b/radicale/__init__.py
index f5aabcb..cbc7b60 100644
--- a/radicale/__init__.py
+++ b/radicale/__init__.py
@@ -53,18 +53,17 @@ VERSION = "git"
 
 def _check(request, function):
     """Check if user has sufficient rights for performing ``request``."""
+    # ``_check`` decorator can access ``request`` protected functions
+    # pylint: disable=W0212
     authorization = request.headers.get("Authorization", None)
     if authorization:
         challenge = authorization.lstrip("Basic").strip().encode("ascii")
-        # ``_check`` decorator can access ``request`` protected functions
-        # pylint: disable=W0212
         plain = request._decode(base64.b64decode(challenge))
-        # pylint: enable=W0212
         user, password = plain.split(":")
     else:
         user = password = None
 
-    if request.server.acl.has_right(user, password):
+    if request.server.acl.has_right(request._calendar.owner, user, password):
         function(request)
     else:
         request.send_response(client.UNAUTHORIZED)
@@ -72,6 +71,7 @@ def _check(request, function):
             "WWW-Authenticate",
             "Basic realm=\"Radicale Server - Password Required\"")
         request.end_headers()
+    # pylint: enable=W0212
 
 
 class HTTPServer(server.HTTPServer):
diff --git a/radicale/acl/htpasswd.py b/radicale/acl/htpasswd.py
index 0933e30..bb2f26b 100644
--- a/radicale/acl/htpasswd.py
+++ b/radicale/acl/htpasswd.py
@@ -54,15 +54,16 @@ def _sha1(hash_value, password):
     return sha1.digest() == base64.b64decode(hash_value)
 
 
-def has_right(user, password):
+def has_right(owner, user, password):
     """Check if ``user``/``password`` couple is valid."""
     for line in open(FILENAME).readlines():
         if line.strip():
             login, hash_value = line.strip().split(":")
-            if login == user:
+            if login == user and (not PERSONAL or user == owner):
                 return CHECK_PASSWORD(hash_value, password)
     return False
 
 
 FILENAME = config.get("acl", "filename")
+PERSONAL = config.getboolean("acl", "personal")
 CHECK_PASSWORD = locals()["_%s" % config.get("acl", "encryption")]
diff --git a/radicale/config.py b/radicale/config.py
index 020733f..1cf9dd6 100644
--- a/radicale/config.py
+++ b/radicale/config.py
@@ -52,6 +52,7 @@ INITIAL_CONFIG = {
         "stock": "utf-8"},
     "acl": {
         "type": "fake",
+        "personal": "False",
         "filename": "/etc/radicale/users",
         "encryption": "crypt"},
     "storage": {