diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 7c62f833aec9ec4de06052413e4edd8c55481d13..7a13a8b11c2d4e453f11a8dcad06931d6d932ef0 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -230,7 +230,9 @@ class AuthHandler(BaseHandler):
         if not user_id.startswith('@'):
             user_id = UserID.create(user_id, self.hs.hostname).to_string()
 
-        self._check_password(user_id, password)
+        if not (yield self._check_password(user_id, password)):
+            logger.warn("Failed password login for user %s", user_id)
+            raise LoginError(403, "", errcode=Codes.FORBIDDEN)
 
         defer.returnValue(user_id)
 
@@ -356,7 +358,7 @@ class AuthHandler(BaseHandler):
             LoginError if there was an authentication problem.
         """
 
-        if not self._check_password(user_id, password):
+        if not (yield self._check_password(user_id, password)):
             logger.warn("Failed password login for user %s", user_id)
             raise LoginError(403, "", errcode=Codes.FORBIDDEN)