diff --git a/lib/pbench/server/api/resources/users_api.py b/lib/pbench/server/api/resources/users_api.py
index aed9691794..34c583d466 100644
--- a/lib/pbench/server/api/resources/users_api.py
+++ b/lib/pbench/server/api/resources/users_api.py
@@ -191,7 +191,7 @@ def post(self):
             self.logger.warning(
                 "No user found in the db for Username: {} while login", username
             )
-            abort(403, message="Bad login")
+            abort(401, message="Bad login")
 
         # Validate the password
         if not check_password_hash(user.password, password):
diff --git a/lib/pbench/test/unit/server/test_user_auth.py b/lib/pbench/test/unit/server/test_user_auth.py
index 54dbdd7b64..cc53d523b7 100644
--- a/lib/pbench/test/unit/server/test_user_auth.py
+++ b/lib/pbench/test/unit/server/test_user_auth.py
@@ -211,7 +211,7 @@ def test_non_registered_user_login(client, server_config):
             response = login_user(client, server_config, "username", "12345")
             data = response.json
             assert data["message"] == "Bad login"
-            assert response.status_code == 403
+            assert response.status_code == 401
 
     @staticmethod
     def test_get_user(client, server_config):