diff --git a/cmd/simpleauth/main.go b/cmd/simpleauth/main.go
index 0616306..dea6631 100644
--- a/cmd/simpleauth/main.go
+++ b/cmd/simpleauth/main.go
@@ -27,13 +27,9 @@ var successHtml []byte
 
 func authenticationValid(username, password string) bool {
 	c := crypt.SHA256.New()
-	fmt.Println("checking", username, password)
 	if crypted, ok := cryptedPasswords[username]; ok {
-		fmt.Println(username, password, crypted)
 		if err := c.Verify(crypted, []byte(password)); err == nil {
 			return true
-		} else {
-			log.Println(err)
 		}
 	}
 	return false
@@ -127,7 +123,6 @@ func main() {
 			if len(parts) >= 2 {
 				username := parts[0]
 				password := parts[1]
-				fmt.Println(username, password)
 				cryptedPasswords[username] = password
 			}
 		}
diff --git a/static/login.html b/static/login.html
index beb0b33..612afcd 100644
--- a/static/login.html
+++ b/static/login.html
@@ -25,9 +25,16 @@
 
       async function login(evt) {
         evt.preventDefault()
+        let data = new FormData(evt.target)
+        let username = data.get("username")
+        let password = data.get("password")
+
+        let headers = new Headers({
+          "Authorization": "Basic " + btoa(username + ":" + password),
+        })
         let req = await fetch(evt.target.action, {
-          method: evt.target.method,
-          body: new FormData(evt.target),
+          method: "GET",
+          headers: headers,
           credentials: "same-origin",
         })
         if (! req.ok) {