diff --git a/gio/gdbusauthmechanismsha1.c b/gio/gdbusauthmechanismsha1.c
index 94fe0bce8..a82dddf83 100644
--- a/gio/gdbusauthmechanismsha1.c
+++ b/gio/gdbusauthmechanismsha1.c
@@ -32,6 +32,7 @@
 #endif
 #ifdef G_OS_WIN32
 #include <io.h>
+#include "gwin32sid.h"
 #endif
 
 #include "gdbusauthmechanismsha1.h"
@@ -990,9 +991,12 @@ mechanism_server_initiate (GDBusAuthMechanism   *mechanism,
         }
 #elif defined(G_OS_WIN32)
       gchar *sid;
-      sid = _g_dbus_win32_get_user_sid ();
+
+      sid = _g_win32_current_process_sid_string (NULL);
+
       if (g_strcmp0 (initial_response, sid) == 0)
         m->priv->state = G_DBUS_AUTH_MECHANISM_STATE_HAVE_DATA_TO_SEND;
+
       g_free (sid);
 #else
 #error Please implement for your OS
@@ -1142,20 +1146,25 @@ mechanism_client_initiate (GDBusAuthMechanism   *mechanism,
   g_return_val_if_fail (!m->priv->is_server && !m->priv->is_client, NULL);
 
   m->priv->is_client = TRUE;
-  m->priv->state = G_DBUS_AUTH_MECHANISM_STATE_WAITING_FOR_DATA;
 
   *out_initial_response_len = 0;
 
 #ifdef G_OS_UNIX
   initial_response = g_strdup_printf ("%" G_GINT64_FORMAT, (gint64) getuid ());
-  *out_initial_response_len = strlen (initial_response);
 #elif defined (G_OS_WIN32)
-  initial_response = _g_dbus_win32_get_user_sid ();
-  *out_initial_response_len = strlen (initial_response);
+  initial_response = _g_win32_current_process_sid_string (NULL);
 #else
 #error Please implement for your OS
 #endif
-  g_assert (initial_response != NULL);
+  if (initial_response)
+    {
+      m->priv->state = G_DBUS_AUTH_MECHANISM_STATE_WAITING_FOR_DATA;
+      *out_initial_response_len = strlen (initial_response);
+    }
+  else
+    {
+      m->priv->state = G_DBUS_AUTH_MECHANISM_STATE_REJECTED;
+    }
 
   return initial_response;
 }
diff --git a/gio/gdbusprivate.c b/gio/gdbusprivate.c
index fc58aea06..041fab7a8 100644
--- a/gio/gdbusprivate.c
+++ b/gio/gdbusprivate.c
@@ -55,6 +55,7 @@
 #include <windows.h>
 #include <io.h>
 #include <conio.h>
+#include "gwin32sid.h"
 #endif
 
 #include "glibintl.h"
@@ -2010,69 +2011,6 @@ _g_dbus_compute_complete_signature (GDBusArgInfo **args)
 
 #ifdef G_OS_WIN32
 
-extern BOOL WINAPI ConvertSidToStringSidA (PSID Sid, LPSTR *StringSid);
-
-gchar *
-_g_dbus_win32_get_user_sid (void)
-{
-  HANDLE h;
-  TOKEN_USER *user;
-  DWORD token_information_len;
-  PSID psid;
-  gchar *sid;
-  gchar *ret;
-
-  ret = NULL;
-  user = NULL;
-  h = INVALID_HANDLE_VALUE;
-
-  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &h))
-    {
-      g_warning ("OpenProcessToken failed with error code %d", (gint) GetLastError ());
-      goto out;
-    }
-
-  /* Get length of buffer */
-  token_information_len = 0;
-  if (!GetTokenInformation (h, TokenUser, NULL, 0, &token_information_len))
-    {
-      if (GetLastError () != ERROR_INSUFFICIENT_BUFFER)
-        {
-          g_warning ("GetTokenInformation() failed with error code %d", (gint) GetLastError ());
-          goto out;
-        }
-    }
-  user = g_malloc (token_information_len);
-  if (!GetTokenInformation (h, TokenUser, user, token_information_len, &token_information_len))
-    {
-      g_warning ("GetTokenInformation() failed with error code %d", (gint) GetLastError ());
-      goto out;
-    }
-
-  psid = user->User.Sid;
-  if (!IsValidSid (psid))
-    {
-      g_warning ("Invalid SID");
-      goto out;
-    }
-
-  if (!ConvertSidToStringSidA (psid, &sid))
-    {
-      g_warning ("Invalid SID");
-      goto out;
-    }
-
-  ret = g_strdup (sid);
-  LocalFree (sid);
-
-out:
-  g_free (user);
-  if (h != INVALID_HANDLE_VALUE)
-    CloseHandle (h);
-  return ret;
-}
-
-
 #define DBUS_DAEMON_ADDRESS_INFO "DBusDaemonAddressInfo"
 #define DBUS_DAEMON_MUTEX "DBusDaemonMutex"
 #define UNIQUE_DBUS_INIT_MUTEX "UniqueDBusInitMutex"
diff --git a/gio/gwin32sid.c b/gio/gwin32sid.c
index 978fb048e..6112cf171 100644
--- a/gio/gwin32sid.c
+++ b/gio/gwin32sid.c
@@ -207,3 +207,28 @@ _g_win32_sid_to_string (SID *sid, GError **error)
   LocalFree (tmp);
   return ret;
 }
+
+/**
+ * _g_win32_current_process_sid_string: (skip)
+ * @error: return location for a #GError, or %NULL
+ *
+ * Get the current process SID, as a string.
+ *
+ * Returns: A newly-allocated string, or NULL in case of an error.
+ */
+gchar *
+_g_win32_current_process_sid_string (GError **error)
+{
+  SID *sid;
+  gchar *ret;
+
+  g_return_val_if_fail (error == NULL || *error == NULL, NULL);
+
+  sid = _g_win32_process_get_access_token_sid (0, error);
+  if (!sid)
+    return NULL;
+
+  ret = _g_win32_sid_to_string (sid, error);
+  g_free (sid);
+  return ret;
+}
diff --git a/gio/gwin32sid.h b/gio/gwin32sid.h
index 030eac529..84c037799 100644
--- a/gio/gwin32sid.h
+++ b/gio/gwin32sid.h
@@ -33,6 +33,8 @@ SID      * _g_win32_process_get_access_token_sid         (DWORD    process_id,
 gchar    * _g_win32_sid_to_string                        (SID     *sid,
                                                           GError **error);
 
+gchar    * _g_win32_current_process_sid_string           (GError **error);
+
 G_END_DECLS
 
 #endif /* __G_WIN32_SID_H__ */