diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index e9554e774..4fbafc3b0 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -2607,16 +2607,21 @@ void HandleHttpCommand(void)
   AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND));
 
   if (strlen(SettingsText(SET_WEBPWD))) {
-    char tmp1[33];
-    WebGetArg("user", tmp1, sizeof(tmp1));
-    char tmp2[strlen(SettingsText(SET_WEBPWD)) +1];
-    WebGetArg("password", tmp2, sizeof(tmp2));
-    if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) {
-      WSContentBegin(401, CT_JSON);
-      WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
-      WSContentEnd();
-      return;
-    }
+    //Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters
+    if (!Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) {
+      char tmp1[33];
+      WebGetArg("user", tmp1, sizeof(tmp1));
+      char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1];
+      WebGetArg("password", tmp2, sizeof(tmp2));
+
+      if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD))))
+      {
+        WSContentBegin(401, CT_JSON);
+        WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
+        WSContentEnd();
+        return;
+      }
+    } 
   }
 
   WSContentBegin(200, CT_JSON);