diff --git a/examples/web_ui_auth.py b/examples/web_ui_auth.py
index d97bf3d96c..c846c19215 100644
--- a/examples/web_ui_auth.py
+++ b/examples/web_ui_auth.py
@@ -64,10 +64,10 @@ def google_login():
 
             return redirect(url_for("index"))
 
-        @auth_blueprint.route("/login_submit")
+        @auth_blueprint.route("/login_submit", methods=["POST"])
         def login_submit():
-            username = request.args.get("username")
-            password = request.args.get("password")
+            username = request.form.get("username")
+            password = request.form.get("password")
 
             # Implement real password verification here
             if password:
diff --git a/locust/webui/src/pages/Auth.tsx b/locust/webui/src/pages/Auth.tsx
index eabed20660..d03ce40d10 100644
--- a/locust/webui/src/pages/Auth.tsx
+++ b/locust/webui/src/pages/Auth.tsx
@@ -37,7 +37,7 @@ export default function Auth({ authProviders, error, usernamePasswordCallback }:
           <Logo />
         </Box>
         {usernamePasswordCallback && (
-          <form action={usernamePasswordCallback}>
+          <form action={usernamePasswordCallback} method='POST'>
             <Box sx={{ display: 'flex', flexDirection: 'column', rowGap: 2 }}>
               <TextField label='Username' name='username' />
               <TextField label='Password' name='password' type='password' />