diff --git a/authentication/example-providers/psk/src/main/java/io/deephaven/authentication/psk/PskAuthenticationHandler.java b/authentication/example-providers/psk/src/main/java/io/deephaven/authentication/psk/PskAuthenticationHandler.java
index e0283bffdb3..0ba625dd411 100644
--- a/authentication/example-providers/psk/src/main/java/io/deephaven/authentication/psk/PskAuthenticationHandler.java
+++ b/authentication/example-providers/psk/src/main/java/io/deephaven/authentication/psk/PskAuthenticationHandler.java
@@ -28,7 +28,8 @@ public class PskAuthenticationHandler implements AuthenticationRequestHandler {
         String pskFromConfig = Configuration.getInstance().getStringWithDefault("authentication.psk", null);
         // If this feature is enabled by not value give, generate a 64bit number and encode as
         // base-36 (lower case and numbers).
-        PSK = Objects.requireNonNullElseGet(pskFromConfig, () -> Long.toString(Math.abs(new Random().nextLong()), 36));
+        PSK = Optional.ofNullable(pskFromConfig).map(String::trim).filter(s -> !s.isEmpty())
+                .orElseGet(() -> Long.toString(Math.abs(new Random().nextLong()), 36));
 
         // limit to ascii for better log and url support
         if (!StandardCharsets.US_ASCII.newEncoder().canEncode(PSK)) {
@@ -69,7 +70,7 @@ public void initialize(String targetUrl) {
         logger.warn().append("================================================================================").endl();
         logger.warn().append("Superuser access through pre-shared key is enabled - use ").append(PSK)
                 .append(" to connect").endl();
-        logger.warn().append("Connect automatically to Web UI with ").append(targetUrl).append("/jsapi?psk=")
+        logger.warn().append("Connect automatically to Web UI with ").append(targetUrl).append("/?psk=")
                 .append(PSK)
                 .endl();
         logger.warn().append("================================================================================").endl();
diff --git a/docker-compose-common.yml b/docker-compose-common.yml
index e48a35a3d9a..efce34f0e23 100644
--- a/docker-compose-common.yml
+++ b/docker-compose-common.yml
@@ -14,7 +14,7 @@ services:
       # with max memory.
       #
       # To turn on debug logging, add: -Dlogback.configurationFile=logback-debug.xml
-      - START_OPTS=-Xmx4g -Ddeephaven.console.type=${DEEPHAVEN_CONSOLE_TYPE} -Ddeephaven.application.dir=${DEEPHAVEN_APPLICATION_DIR}
+      - START_OPTS=-Xmx4g -Ddeephaven.console.type=${DEEPHAVEN_CONSOLE_TYPE} -Ddeephaven.application.dir=${DEEPHAVEN_APPLICATION_DIR} -Dauthentication.psk=${PSK}
       #
       # For remote debugging switch the line above for the one below (and also change the ports below)
       # - START_OPTS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 -Xmx4g -Ddeephaven.console.type=${DEEPHAVEN_CONSOLE_TYPE} -Ddeephaven.application.dir=${DEEPHAVEN_APPLICATION_DIR}
diff --git a/java-client/example-utilities/src/main/java/io/deephaven/client/examples/AuthenticationOptions.java b/java-client/example-utilities/src/main/java/io/deephaven/client/examples/AuthenticationOptions.java
index 0fd92cf3ed3..d7a95a34183 100644
--- a/java-client/example-utilities/src/main/java/io/deephaven/client/examples/AuthenticationOptions.java
+++ b/java-client/example-utilities/src/main/java/io/deephaven/client/examples/AuthenticationOptions.java
@@ -19,7 +19,7 @@ public String toAuthenticationTypeAndValue() {
             return "io.deephaven.authentication.mtls.MTlsAuthenticationHandler";
         }
         if (psk != null) {
-            return "psk " + psk;
+            return "io.deephaven.authentication.psk.PskAuthenticationHandler " + psk;
         }
         if (explicit != null) {
             return explicit;
diff --git a/props/configs/src/main/resources/dh-defaults.prop b/props/configs/src/main/resources/dh-defaults.prop
index 232c7694a98..c6b580bcc13 100644
--- a/props/configs/src/main/resources/dh-defaults.prop
+++ b/props/configs/src/main/resources/dh-defaults.prop
@@ -48,7 +48,7 @@ deephaven.console.type=python
 http.session.durationMs=300000
 
 # Default to allowing anonymous access, but don't yet warn users that it is unsafe by default
-AuthHandlers=io.deephaven.auth.AnonymousAuthenticationHandler
+AuthHandlers=io.deephaven.authentication.psk.PskAuthenticationHandler
 authentication.anonymous.warn=true
 
 # List of configuration properties to provide to unauthenticated clients, so that they can decide how best to prove their
diff --git a/server/build.gradle b/server/build.gradle
index 2d6d596c111..fb2faf2d22b 100644
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -108,7 +108,7 @@ dependencies {
 
     Classpaths.inheritImmutables(project, true)
 
-
+    runtimeOnly dependencies.project(path: ':authentication:example-providers:psk', configuration:'shadow')
 }
 
 TestTools.addEngineOutOfBandTest(project)
diff --git a/server/jetty-app/build.gradle b/server/jetty-app/build.gradle
index 59ccfdc9106..f795f21a6df 100644
--- a/server/jetty-app/build.gradle
+++ b/server/jetty-app/build.gradle
@@ -93,7 +93,6 @@ if (hasProperty('quiet')) {
 
 if (hasProperty('psk')) {
     authHandlers += ['io.deephaven.authentication.psk.PskAuthenticationHandler']
-    dependencies.implementation(dependencies.project(path: ':authentication:example-providers:psk', configuration:'shadow'))
     if (project.getProperty('psk')) {
         // if there is a non-empty value assigned, use that for the key
         extraJvmArgs += ["-Dauthentication.psk=${getProperty('psk')}"]