diff --git a/backend/src/controllers/Credentials.php b/backend/src/controllers/Credentials.php index c820f26..1754270 100644 --- a/backend/src/controllers/Credentials.php +++ b/backend/src/controllers/Credentials.php @@ -79,6 +79,9 @@ class Credentials } catch (\Exceptions\InvalidKeyException $e) { $this->logger->debug('User tries to add invalid credential key.'); return $res->withJson(['error' => 'The provided key is invalid.'], 400); + } catch (\Exceptions\NotFoundException $e) { + $this->logger->debug('User tries to add credential for not existing record.'); + return $res->withJson(['error' => 'The provided record does not exist.'], 404); } } diff --git a/backend/src/operations/Credentials.php b/backend/src/operations/Credentials.php index f90db0f..57e0538 100644 --- a/backend/src/operations/Credentials.php +++ b/backend/src/operations/Credentials.php @@ -98,6 +98,14 @@ class Credentials $this->db->beginTransaction(); + $query = $this->db->prepare('SELECT id FROM records WHERE id=:recordId'); + $query->bindValue(':recordId', $record, \PDO::PARAM_INT); + $query->execute(); + if ($query->fetch() === false) { + $this->db->rollBack(); + throw new \Exceptions\NotFoundException(); + } + $query = $this->db->prepare('INSERT INTO remote (record, description, type, security) VALUES (:record, :description, :type, :security)'); $query->bindValue(':record', $record, \PDO::PARAM_INT); $query->bindValue(':description', $description, \PDO::PARAM_STR); diff --git a/backend/test/tests/credentials-crud.js b/backend/test/tests/credentials-crud.js index 138bd5b..03a23e7 100644 --- a/backend/test/tests/credentials-crud.js +++ b/backend/test/tests/credentials-crud.js 
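Review bot: The added `catch (\Exceptions\NotFoundException $e)` branch answers 404 for an unknown record id, and the hunk does not show whether the caller's access to the record is checked before the operation runs (the `try` starts above the hunk). If a record the user may not touch produces a different status than a record that does not exist, any logged-in user can map which ids exist. Please confirm the access check comes first and answers the same way in both cases. The debug message also carries no record id, so repeated probing leaves nothing to correlate in the logs; assuming a PSR-3 style logger, pass it as context, e.g. `$this->logger->debug('User tries to add credential for not existing record.', ['record' => $recordId]);`, where `$recordId` is a placeholder for whatever variable holds the route argument here.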
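Review bot: The existence check in operations/Credentials.php is a plain `SELECT`, so nothing stops the record from being deleted between this query and the `INSERT INTO remote` that follows. On engines where a plain read inside a transaction takes no row lock, a concurrent delete can still leave a credential pointing at a missing record. Locking the row closes the gap where the database supports it: `$query = $this->db->prepare('SELECT id FROM records WHERE id=:recordId FOR UPDATE');`. A foreign key from `remote.record` to `records.id` would enforce the same rule in the schema, which this page does not show. The method starts and ends outside the hunk, so the commit and the other rollback paths are not visible here.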
@@ -62,6 +62,19 @@ test.run(async function () { assert.equal(res.status, 400); + //Test invalid record + var res = await req({ + url: '/records/100/credentials', + method: 'post', + data: { + description: 'Test', + type: 'password', + password: 'foo' + } + }); + + assert.equal(res.status, 404, 'Not existent record should trigger error.'); + //Add key (key is intensionally very short but valid) and get it var res = await req({ url: '/records/1/credentials',
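Review bot: The new case depends on record id 100 being absent from the test data, which nothing in the hunk states, so a larger fixture would make it fail for an unrelated reason. A comment on the URL line would make the assumption explicit, e.g. `url: '/records/100/credentials', // id 100 must not exist in the test fixture`. The test also checks only the status code. Asserting the body as well, e.g. `assert.equal(res.data.error, 'The provided record does not exist.');` (if the `req` helper exposes the parsed body as `res.data`), would pin the new controller branch rather than any 404 the router might return.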