diff --git a/lib/cli.js b/lib/cli.js
index a630609e..c9a9be6c 100644
--- a/lib/cli.js
+++ b/lib/cli.js
@@ -557,6 +557,16 @@ program
   .option('-a, --app-url <url>'
     , 'URL to app'
     , String)
+  .option('--use-basic-auth'
+    , 'Whether to use basic authentication for login or not')
+  .option('--basic-auth-username <username>'
+    , 'Basic Auth Username (or $BASIC_AUTH_USERNAME)'
+    , String
+    , process.env.BASIC_AUTH_USERNAME || 'username')
+  .option('--basic-auth-password <password>'
+    , 'Basic Auth Password (or $BASIC_AUTH_PASSWORD)'
+    , String
+    , process.env.BASIC_AUTH_PASSWORD || 'password')
   .action(function(options) {
     if (!options.secret) {
       this.missingArgument('--secret')
@@ -570,6 +580,13 @@ program
     , secret: options.secret
     , ssid: options.ssid
     , appUrl: options.appUrl
+    , mock: {
+        useBasicAuth: options.useBasicAuth
+      , basicAuth: {
+          username: options.basicAuthUsername
+        , password: options.basicAuthPassword
+        }
+      }
     })
   })
 
diff --git a/lib/units/auth/mock.js b/lib/units/auth/mock.js
index 6ec72a4c..00597442 100644
--- a/lib/units/auth/mock.js
+++ b/lib/units/auth/mock.js
@@ -7,6 +7,7 @@ var bodyParser = require('body-parser')
 var serveStatic = require('serve-static')
 var csrf = require('csurf')
 var Promise = require('bluebird')
+var basicAuth = require('basic-auth')
 
 var logger = require('../../util/logger')
 var requtil = require('../../util/requtil')
@@ -28,6 +29,27 @@ module.exports = function(options) {
       })
   })
 
+  // BasicAuth Middleware
+  var basicAuthMiddleware = function(req, res, next) {
+    function unauthorized(res) {
+      res.set('WWW-Authenticate', 'Basic realm=Authorization Required')
+      return res.send(401)
+    }
+
+    var user = basicAuth(req)
+
+    if (!user || !user.name || !user.pass) {
+      return unauthorized(res)
+    }
+
+    if (user.name === options.mock.basicAuth.username &&
+        user.pass === options.mock.basicAuth.password) {
+      return next()
+    } else {
+      return unauthorized(res)
+    }
+  }
+
   app.set('view engine', 'jade')
   app.set('views', pathutil.resource('auth/mock/views'))
   app.set('strict routing', true)
@@ -49,6 +71,10 @@ module.exports = function(options) {
     next()
   })
 
+  if (options.mock.useBasicAuth) {
+    app.use(basicAuthMiddleware)
+  }
+
   app.get('/', function(req, res) {
     res.redirect('/auth/mock/')
   })
diff --git a/package.json b/package.json
index 7d7a891c..3696c456 100644
--- a/package.json
+++ b/package.json
@@ -34,6 +34,7 @@
     "adbkit-apkreader": "^1.0.0",
     "adbkit-monkey": "^1.0.1",
     "aws-sdk": "^2.2.3",
+    "basic-auth": "^1.0.3",
     "bluebird": "^2.9.34",
     "body-parser": "^1.13.3",
     "bufferutil": "^1.2.1",