diff --git a/pyca/ui/utils.py b/pyca/ui/utils.py
index 185144fc..72e0b202 100644
--- a/pyca/ui/utils.py
+++ b/pyca/ui/utils.py
@@ -11,12 +11,13 @@
 def requires_auth(f):
     @wraps(f)
     def decorated(*args, **kwargs):
+        headers = {'WWW-Authenticate': 'Basic realm="pyCA Login"'}
         auth = request.authorization
-        if config('ui', 'password') and not auth \
-                or auth.username != config('ui', 'username') \
-                or auth.password != config('ui', 'password'):
-            return Response('pyCA: Login required\n', 401,
-                            {'WWW-Authenticate': 'Basic realm="pyCA Login"'})
+        if config('ui', 'password'):
+            auth_provided = (auth.username, auth.password) if auth else None
+            auth_expected = config('ui', 'username'), config('ui', 'password')
+            if auth_provided != auth_expected:
+                return Response('pyCA: Login required\n', 401, headers)
         return f(*args, **kwargs)
     return decorated