diff --git a/pkg/docker/config.go b/pkg/docker/config.go
index 8a00e4c2f..94e24ee49 100644
--- a/pkg/docker/config.go
+++ b/pkg/docker/config.go
@@ -29,6 +29,9 @@ func (v *BasicAuth) Decode() (string, string, error) {
 		return "", "", err
 	}
 	split := strings.Split(string(bytes), ":")
+	if len(split) != 2 {
+		return "", "", fmt.Errorf("expected username and password concatenated with a colon (:)")
+	}
 	return split[0], split[1], nil
 }
 
diff --git a/pkg/docker/config_test.go b/pkg/docker/config_test.go
index 28b75e77c..1a7dfbfb8 100644
--- a/pkg/docker/config_test.go
+++ b/pkg/docker/config_test.go
@@ -82,6 +82,17 @@ func TestConfig_Read(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "Should return error when auth is not username and password concatenated with a colon",
+			givenJSON: `{
+							"auths": {
+								"my-registry.domain.io": {
+									"auth": "b25seXVzZXJuYW1l"
+								}
+							}
+						}`,
+			expectedError: errors.New("expected username and password concatenated with a colon (:)"),
+		},
 	}
 
 	for _, tc := range testCases {
diff --git a/pkg/kube/secrets.go b/pkg/kube/secrets.go
index 770df7de5..ee8944c49 100644
--- a/pkg/kube/secrets.go
+++ b/pkg/kube/secrets.go
@@ -77,7 +77,7 @@ func MapDockerRegistryServersToAuths(imagePullSecrets []corev1.Secret) (map[stri
 		dockerConfig := &docker.Config{}
 		err := dockerConfig.Read(data)
 		if err != nil {
-			return nil, fmt.Errorf("reading content of %s: %w", corev1.DockerConfigJsonKey, err)
+			return nil, fmt.Errorf("reading %s field of %q secret: %w", corev1.DockerConfigJsonKey, secret.Namespace+"/"+secret.Name, err)
 		}
 		for authKey, auth := range dockerConfig.Auths {
 			server, err := docker.GetServerFromDockerAuthKey(authKey)