diff --git a/smb/kio_smb.h b/smb/kio_smb.h
--- a/smb/kio_smb.h
+++ b/smb/kio_smb.h
@@ -109,7 +109,7 @@
      * From Controlcenter
      */
     QString  m_default_user;
-//    QString  m_default_workgroup; //currently unused, Alex <neundorf@kde.org>
+    QString  m_default_workgroup = QStringLiteral("WORKGROUP"); // overwritten with value from smbc
     QString  m_default_password;
     QString  m_default_encoding;
 
diff --git a/smb/kio_smb_auth.cpp b/smb/kio_smb_auth.cpp
--- a/smb/kio_smb_auth.cpp
+++ b/smb/kio_smb_auth.cpp
@@ -95,6 +95,8 @@
     info.password = s_password;
     info.verifyPath = true;
 
+    info.setExtraField("domain", s_workgroup);
+
     qCDebug(KIO_SMB) << "libsmb-auth-callback URL:" << info.url;
 
     if ( !checkCachedAuthentication( info ) )
@@ -115,8 +117,21 @@
     } else
         qCDebug(KIO_SMB) << "got password through cache";
 
-    strncpy(username, info.username.toUtf8(), unmaxlen - 1);
-    strncpy(password, info.password.toUtf8(), pwmaxlen - 1);
+    // Make sure it'll be safe to cast to size_t (unsigned)
+    Q_ASSERT(unmaxlen > 0);
+    Q_ASSERT(pwmaxlen > 0);
+    Q_ASSERT(wgmaxlen > 0);
+
+    strncpy(username, info.username.toUtf8(), static_cast<size_t>(unmaxlen - 1));
+    strncpy(password, info.password.toUtf8(), static_cast<size_t>(pwmaxlen - 1));
+    // TODO: isEmpty guard can be removed in 20.08+
+    //   It is only here to prevent us setting an empty work group if a user updates
+    //   but doesn't restart so kiod5 could hold an old cache without domain
+    //   field. In that event we'll leave the input workgroup as-is.
+    const QString domain = info.getExtraField("domain").toString();
+    if (!domain.isEmpty()) {
+        strncpy(workgroup, domain.toUtf8(), static_cast<size_t>(wgmaxlen - 1));
+    }
 }
 
 int SMBSlave::checkPassword(SMBUrl &url)
@@ -137,6 +152,9 @@
     info.verifyPath = true;
     info.keepPassword = true;
 
+    info.setExtraField("anonymous", true); // arbitrary default for dialog
+    info.setExtraField("domain", m_default_workgroup);
+
     if ( share.isEmpty() )
         info.prompt = i18n(
             "<qt>Please enter authentication information for <b>%1</b></qt>" ,
@@ -220,6 +238,13 @@
 
 	smbc_set_context(smb_context);
 
+    // TODO: refactor; checkPassword should query this on
+    // demand to not run into situations where we may have cached
+    // the workgroup early on and it changed since. Needs context
+    // being held in the slave though, which opens us up to nullptr
+    // problems should checkPassword be called without init first.
+    m_default_workgroup = smbc_getWorkgroup(smb_context);
+
         m_initialized_smbc = true;
     }