diff --git a/files/routes/login.py b/files/routes/login.py
index dfe9e2ab2..4db9c7c01 100644
--- a/files/routes/login.py
+++ b/files/routes/login.py
@@ -55,14 +55,14 @@ def login_post(v:Optional[User]):
 if not account:
 time.sleep(random.uniform(0, 2))
- return render_template("login/login.html", failed=True, redirect=redir), 401
+ return render_template("login/login.html", failed=True, redirect=redir), 400
 if request.values.get("password"):
 if not account.verifyPass(request.values.get("password")):
 log_failed_admin_login_attempt(account, "password")
 time.sleep(random.uniform(0, 2))
- return render_template("login/login.html", failed=True, redirect=redir), 401
+ return render_template("login/login.html", failed=True, redirect=redir), 400
 if account.mfa_secret or session.get("GLOBAL"):
 now = int(time.time())
@@ -95,7 +95,7 @@ def login_post(v:Optional[User]):
 hash=hash,
 failed=True,
 redirect=redir,
- ), 401
+ ), 400
 else:
 abort(400)
diff --git a/files/routes/oauth.py b/files/routes/oauth.py
index fc290cf94..23351eb98 100644
--- a/files/routes/oauth.py
+++ b/files/routes/oauth.py
@@ -14,7 +14,8 @@ from files.__main__ import app, limiter
 def authorize_prompt(v:User):
 client_id = request.values.get("client_id")
 application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()
- if not application: return {"oauth_error": "Invalid `client_id`"}, 401
+ if not application:
+ return {"oauth_error": "Invalid `client_id`"}, 400
 return render_template("oauth.html", v=v, application=application)
 @app.post("/authorize")
@@ -26,7 +27,8 @@ def authorize_prompt(v:User):
 def authorize(v):
 client_id = request.values.get("client_id")
 application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()
- if not application: return {"oauth_error": "Invalid `client_id`"}, 401
+ if not application:
+ return {"oauth_error": "Invalid `client_id`"}, 400
 access_token = secrets.token_urlsafe(128)[:128]
 try:
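Review bot: In `login_post` (first hunk of files/routes/login.py), the `if not account:` branch returns after only the random sleep, while the existing-account path first runs `account.verifyPass(...)`. If that call performs a real password-hash check, the two paths differ in average response time, and 0–2 s of random jitter averages out over repeated requests rather than hiding the gap, so the identical template and 400 status do not fully conceal whether an account exists. I would verify the submitted password against a fixed placeholder hash in the `not account` branch and mark it with a comment such as `# do the same hashing work as the wrong-password path so timing does not reveal account existence`. The sleep also holds a worker for up to two seconds per rejected request, so the route should sit behind rate limiting; none is visible here, and the function starts and ends outside the hunk.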
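Review bot: In the second hunk of files/routes/login.py, the failure response ending in `), 400` now shares its status with the `abort(400)` in the `else:` branch directly below it, and the two returns in the first hunk do the same. An access-log query or alert rule that counted 401s on this route can therefore no longer separate rejected credentials from malformed requests by status alone. Only the wrong-password branch calls `log_failed_admin_login_attempt`, and judging by its name it may cover admin accounts only, so the unknown-account and second-step failures appear to leave no application-level record. I would record each rejection explicitly before returning and add a comment such as `# 400 here means rejected credentials, not a malformed request`. The enclosing call and the rest of `login_post` lie outside the hunk.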
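Review bot: In `authorize_prompt` (first hunk of files/routes/oauth.py), a request with no `client_id` parameter reaches the query as `filter_by(client_id=None)`, which SQLAlchemy renders as an `IS NULL` match. If `OauthApp.client_id` is nullable (the model is not visible here), the lookup can return a row that was never assigned an id, or raise from `one_or_none()` when several such rows exist. The same lookup in `authorize` in the next hunk then goes on to generate an access token for whatever row matched. I would reject the missing parameter before the query runs in both functions, with an `if not client_id:` guard that returns the same 400 body as the new `if not application:` branch.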