diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts
index 65413208dd..9f26c09c45 100644
--- a/src/server/api/private/signin.ts
+++ b/src/server/api/private/signin.ts
@@ -63,7 +63,7 @@ export default async (ctx: Koa.Context) => {
 			if (verified) {
 				signin(ctx, user);
 			} else {
-				ctx.throw(400, {
+				ctx.throw(403, {
 					error: 'invalid token'
 				});
 			}
@@ -71,7 +71,7 @@ export default async (ctx: Koa.Context) => {
 			signin(ctx, user);
 		}
 	} else {
-		ctx.throw(400, {
+		ctx.throw(403, {
 			error: 'incorrect password'
 		});
 	}