diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index bc24c050df49a714dd09fcc081bef7b21c151dd9..f0f21195017b82280d6e198eea7009f8d9828347 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -260,10 +260,18 @@ sub do_login {
 		else {
 			my $data = $self->users->get_login_data( name => $user );
 			if ( $data and $data->{status} == 0 ) {
-				$self->render( 'login', invalid => 'confirmation' );
+				$self->render(
+					'login',
+					status  => 400,
+					invalid => 'confirmation'
+				);
 			}
 			else {
-				$self->render( 'login', invalid => 'credentials' );
+				$self->render(
+					'login',
+					status  => 400,
+					invalid => 'credentials'
+				);
 			}
 		}
 	}
diff --git a/t/02-registration.t b/t/02-registration.t
index b588d155db7ff609b206445a699bfa7b84920e5c..53f772f7e681e7354f066a6854667cbaf9745ecd 100644
--- a/t/02-registration.t
+++ b/t/02-registration.t
@@ -88,7 +88,7 @@ $t->post_ok(
 		password   => 'foofoofoo',
 	}
 );
-$t->status_is(200)->content_like(qr{nicht freigeschaltet});
+$t->status_is(400)->content_like(qr{nicht freigeschaltet});
 
 my $res = $t->app->pg->db->select( 'users', ['id'], { name => 'someone' } );
 my $uid = $res->hash->{id};
@@ -108,7 +108,7 @@ $t->post_ok(
 		password   => 'definitely invalid',
 	}
 );
-$t->status_is(200)->content_like(qr{falsches Passwort});
+$t->status_is(400)->content_like(qr{falsches Passwort});
 
 # Successful login
 $t->post_ok(