diff --git a/src/Products/PlonePAS/plugins/cookie_handler.py b/src/Products/PlonePAS/plugins/cookie_handler.py
index a301a1ed..1e0ec655 100644
--- a/src/Products/PlonePAS/plugins/cookie_handler.py
+++ b/src/Products/PlonePAS/plugins/cookie_handler.py
@@ -70,7 +70,11 @@ def updateCredentials(self, request, response, login, new_password):
 
         setAuthCookie = getattr(self, 'setAuthCookie', None)
         if setAuthCookie:
-            cookie_val = encodestring('%s:%s' % (login, new_password))
+            cookie_str = b':'.join([
+                login.encode('utf-8'),
+                new_password.encode('utf-8'),
+            ])
+            cookie_val = encodestring(cookie_str)
             cookie_val = cookie_val.rstrip()
             setAuthCookie(response, self.cookie_name, quote(cookie_val))
         else: