diff --git a/backend-sample-app.py b/backend-sample-app.py
index 3170d80ffd5b46925fc2701951f43f05202e70fb..970c3ab37609a24aca81d19ed806cf708861f432 100755
--- a/backend-sample-app.py
+++ b/backend-sample-app.py
@@ -74,7 +74,7 @@ class AppHandler(BaseHTTPRequestHandler):
         <tr>
           <td>Username: <input type="text" name="username"/></td>
         <tr>
-          <td>Password: <input type="text" name="password"/></td>
+          <td>Password: <input type="password" name="password"/></td>
         <tr>
           <td><input type="submit" value="Login"></td>
       </table>
@@ -119,6 +119,8 @@ class AppHandler(BaseHTTPRequestHandler):
             #
             # WARNING WARNING WARNING
             enc = base64.b64encode(ensure_bytes(user + ':' + passwd))
+            if sys.version_info.major == 3:
+                enc = enc.decode()
             self.send_header('Set-Cookie', b'nginxauth=' + enc + b'; httponly')
 
             self.send_header('Location', target)