How to fix Error 401 Un­au­thor­ized

Anyone who searches the internet will encounter not only in­ter­est­ing content, but oc­ca­sion­ally also error messages. For many, this can be frus­trat­ing: Not only can you not visit the requested page, but you also don’t know what the displayed status code actually means. The meaning of the 401 error is quickly clarified, though: You don’t have access rights to the requested page. The source of this error is usually found rather quickly. Here we explain how you can avoid the problem and how this error occurs.

When you surf the internet, com­mu­nic­a­tion takes place between the client (your web browser) and the web server. Using HTTP, the un­der­ly­ing internet protocol, the browser, and client exchange status codes with one another. A large part of these status messages isn’t seen when you’re surfing the net, since as long as everything is running smoothly they aren’t displayed.

The HTTP status codes are divided into groups: The first three groups are those that generally aren’t displayed to you in the browser. All codes in the 100s range describe ongoing requests. The codes 200 to 226 indicate that the browser’s request was suc­cess­fully performed. The messages given in the 300s, though, refer to re­dir­ec­tions. What is displayed to you from time to time, though, are the error messages: All status messages from the 500s range describe errors on the server side. The errors 400 to 499 note problems related to the client.

So with a 401 there is also an HTTP code that indicates an error in the client. In this sense, “client” can have very different meanings for the error message, since it just means the instance of com­mu­nic­a­tion with the webserver. This could be the browser, but could also be the router or even the internet provider used to make the con­nec­tion. In many cases, however, the internet user has caused the error them­selves.

Sometimes, instead of “401 Un­au­thor­ised” you could also get the message “401 Au­thor­isa­tion Required.” Both basically mean that you don’t have per­mis­sion for the requested website and must log in first. If the webserver runs with Microsoft IIS, even more specific status codes are often displayed:

• 401.1: Login failed
• 401.2: Login failed due to server con­fig­ur­a­tions
• 401.3: Requested content refused by an Access Control List (ACL)
• 401.4: Au­thor­isa­tion failed due to a filter
• 401.5: Au­thor­isa­tion failed due to an ISAPI/CGI ap­plic­a­tion

In the best-case scenario, you land on a specially designed error page that describes directly what you have to do.

In most situ­ations, you can correct the 401 error pretty easily: The affected internet page has a section that is only released following au­thor­isa­tion. So to access the desired web page, you need to enter your log-in data in the cor­res­pond­ing area. If you don’t have an account on the website yet, you need to create one and register with it. You will most likely find hy­per­links for this on the start page or in a section of the header. The error page is then displayed if you try to skip such a login step and enter the link to the blocked page directly in your web browser.

This is why you can also get an error message if you follow an external link. If the page hidden behind the link is located in a password-protected area, then it’s highly likely that your browser will display a 401 error. Then, it’s best to either go directly to the home page or try to reach the next-highest level within the folder structure of the website. In the example example.com/folder1/folder2/folder3 you could try out example.com/folder1/folder2 next. Maybe the upstream file is already ac­cess­ible to you.

In case you’ve generated the error by typing it in your browser, you should check the URL again: You may have swapped just one letter or one digit, and therefore entered the password-protected area.

But the error can even be en­countered when you’ve already tried to log in. Some websites display the 401 status code if you’ve simply entered the wrong login in­form­a­tion. You may have mistyped your password, username, or e-mail address. Go back a page and enter your data once again.

To make mistakes is human: So it can def­in­itely occur that you’ve forgotten your login data. In this case, you have to contact the website operator. This can tell you your username or reset your password. Many websites have an automatic ap­plic­a­tion set up for this. It will send you a link via e-mail where you can create a new password.

Sometimes, it could be the case that you’ve done everything right: You logged in properly using the correct form, the data entered was correct, and yet you’re still greeted with a 401 error code. It’s probably an error with the server then, which the system has just in­ter­preted as a 401 error. In such situ­ations, which can also occur in the course of other error codes, two solutions have proven them­selves as promising in the past:

1. Wait and reload the page: In many cases, the easiest solution is also the most effective: Since website operators un­der­stand­ably want their pages to always be available, you usually just have to wait until they’ve solved the problem. Exercise a little patience, and later try reloading the website. To make extra sure, first delete your cache and cookies so that the browser doesn’t ac­ci­dent­ally load the prob­lem­at­ic page from its internal storage.
    
2. Contact the website operator: Of course, there’s also the pos­sib­il­ity that nobody knows about the problem yet – which may also be due to the fact that you’re the only one en­coun­ter­ing the error. Then, establish contact with the operator of the website. Most of the time, you can find their e-mail address in the site notice. Even if you’re the cause of the error, the operator may be able to help you solve the problem. Give them as much in­form­a­tion as possible about your system to reach a solution as quickly as possible.

If you were able to access the page in question in the past and there was no password pro­tec­tion, you can still access the content of the website despite the error by using a small detour. Google creates a cache for websites that in­tern­ally saves a temporary copy of the site. In the Google search bar, simply enter cache:http://example.com/ and instead of “example.com” and enter the URL in question to access the saved version. This can also be a subpage. A header back informs you of when the copy is from. Remember that you won’t find any current in­form­a­tion there, and instead only see the copy of a previous page version. If you want to go further back into the past of the website, you can access the archive of the Wayback Machine. There, you’ll find some decades-old versions of websites.

The two status codes have very different causes: While 401 means “Au­thor­isa­tion Required,” the 403 status message usually contains the addition “Forbidden”: Access is not allowed. As we noted, with the 401 error the system is informing you that you have to log on to view the page. As such, there should be a login for you on a higher level. This is not provided with a 403 error. The website operator forbids access to this area of the website, and offers no pos­sib­il­ity to register for it. These pages or dir­ect­or­ies are for internal use only and shouldn’t be accessed by external internet users.