diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index c7074d0..2f18034 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -8,7 +8,7 @@ CHANGELOG
 
 3.0.1 (unreleased)
 ------------------
-
+- Return a matching error message if the session storage is disabled and therefore a login is not possible (PR#36 by Sebastian Wagner, fixes #35).
 
 3.0.0 (2021-07-07)
 ------------------
diff --git a/intelmq_api/api.py b/intelmq_api/api.py
index 6a7ff50..ff36f33 100644
--- a/intelmq_api/api.py
+++ b/intelmq_api/api.py
@@ -185,14 +185,17 @@ def config(response, file: str, fetch: bool=False):
 
 @hug.post("/api/login", versions=1)
 def login(username: str, password: str):
-    if session_store is not None:
+    if session_store is None:
+        return {"error": "Session store is disabled by configuration! No login possible and required."}
+    else:
         known = session_store.verify_user(username, password)
         if known is not None:
             token = session_store.new_session({"username": username})
             return {"login_token": token,
                     "username": username,
                     }
-    return "Invalid username and/or password"
+        else:
+            return {"error": "Invalid username and/or password."}
 
 
 @hug.get("/api/harmonization", requires=token_authentication, versions=1)