diff --git a/api/src/framework/express/middleware.ts b/api/src/framework/express/middleware.ts
index 846db09..89db7d6 100644
--- a/api/src/framework/express/middleware.ts
+++ b/api/src/framework/express/middleware.ts
@@ -57,7 +57,7 @@ export function checkPermissions(): RequestHandler {
     }
 
     if (!req.session.user) {
-      next({ status: 403, messsage: 'Forbidden' });
+      next({ status: 401, messsage: 'Unauthorized' });
       return;
     }
 
@@ -67,7 +67,7 @@ export function checkPermissions(): RequestHandler {
         req.session.user.role !== UserRoles.ADMIN) ||
       (!canAccess(req) && req.session.user.role !== UserRoles.ADMIN)
     ) {
-      next({ status: 403, messsage: 'Forbidden' });
+      next({ status: 401, messsage: 'Unauthorized' });
       return;
     }
 
@@ -79,7 +79,7 @@ export function checkPermissions(): RequestHandler {
       return;
     }
 
-    next({ status: 403, messsage: 'Forbidden' });
+    next({ status: 401, messsage: 'Unauthorized' });
   };
 }
 
diff --git a/api/src/framework/express/user.ts b/api/src/framework/express/user.ts
index a349cca..d4988fc 100644
--- a/api/src/framework/express/user.ts
+++ b/api/src/framework/express/user.ts
@@ -17,7 +17,7 @@ function LoginHandler(services: Services): RequestHandler {
     user ? (req.session.user = user) : (req.session.user = null);
     user
       ? res.status(200).send(user)
-      : next({ status: 404, message: 'wrong user or password' });
+      : next({ status: 401, message: 'wrong username or password' });
   };
 }