diff --git a/initdb/02_4_signalk_auth.sql b/initdb/02_4_signalk_auth.sql
index 3b271b4..af03c38 100644
--- a/initdb/02_4_signalk_auth.sql
+++ b/initdb/02_4_signalk_auth.sql
@@ -183,7 +183,10 @@ begin
   -- check email and password
   select auth.user_role(email, pass) into _role;
   if _role is null then
-    raise invalid_password using message = 'invalid user or password';
+    -- HTTP/403
+    --raise invalid_password using message = 'invalid user or password';
+    -- HTTP/401
+    raise insufficient_privilege using message = 'invalid user or password';
   end if;
 
   -- Get app_jwt_secret