diff --git a/test/verify/check-system-realms b/test/verify/check-system-realms
index 802258612426..092a85b0465c 100755
--- a/test/verify/check-system-realms
+++ b/test/verify/check-system-realms
@@ -397,11 +397,16 @@ class CommonTests:
 
         def do_test(authopts, expected, not_expected=None, session_leader=None):
             m.start_cockpit(tls=True)
-            output = m.execute(['curl', '-ksS', '-D-', *authopts, 'https://localhost:9090/cockpit/login'])
-            for s in expected:
-                self.assertIn(s, output)
-            for s in (not_expected or []):
-                self.assertNotIn(s, output)
+
+            def try_auth():
+                output = m.execute(['curl', '-ksS', '-D-', *authopts, 'https://localhost:9090/cockpit/login'])
+                for s in expected:
+                    self.assertIn(s, output)
+                for s in (not_expected or []):
+                    self.assertNotIn(s, output)
+                return True
+
+            testlib.wait(try_auth, delay=5, tries=10)
 
             # sessions/users often hang around in State=closing for a long time, ignore these
             if session_leader:
@@ -427,6 +432,8 @@ class CommonTests:
 
         # from sssd
         self.allow_journal_messages("alice is not allowed to run sudo on x0.  This incident will be reported.")
+        # occasional intermediate error during password auth
+        self.allow_journal_messages("cockpit-session: user account access failed: 4 alice: System error")
 
         # cert auth should not be enabled by default
         do_test(alice_cert_key, ["HTTP/1.1 401 Authentication required", '"authorize"'])