diff --git a/IPython/frontend/html/notebook/handlers.py b/IPython/frontend/html/notebook/handlers.py
index 15d3561ae..d6c5b1912 100644
--- a/IPython/frontend/html/notebook/handlers.py
+++ b/IPython/frontend/html/notebook/handlers.py
@@ -28,6 +28,7 @@ from zmq.utils import jsonapi
 
 from IPython.external.decorator import decorator
 from IPython.zmq.session import Session
+from IPython.lib.security import passwd_check
 
 try:
     from docutils.core import publish_string
@@ -174,7 +175,8 @@ class LoginHandler(AuthenticatedHandler):
 
     def post(self):
         pwd = self.get_argument('password', default=u'')
-        if self.application.password and pwd == self.application.password:
+        if self.application.password and \
+               passwd_check(self.application.password, pwd):
             self.set_secure_cookie('username', str(uuid.uuid4()))
         self.redirect(self.get_argument('next', default='/'))
 
diff --git a/IPython/frontend/html/notebook/notebookapp.py b/IPython/frontend/html/notebook/notebookapp.py
index 6c4926952..157e856b5 100644
--- a/IPython/frontend/html/notebook/notebookapp.py
+++ b/IPython/frontend/html/notebook/notebookapp.py
@@ -208,7 +208,16 @@ class NotebookApp(BaseIPythonApplication):
     )
 
     password = Unicode(u'', config=True,
-                      help="""Password to use for web authentication"""
+                      help="""Hashed password to use for web authentication.
+
+                      To generate, do:
+
+                        from IPython.lib import passwd
+
+                        passwd('mypassphrase')
+
+                      The string should be of the form type:salt:hashed-password.
+                      """
     )
     
     open_browser = Bool(True, config=True,