diff --git a/app/controllers/sqm_application_controller.rb b/app/controllers/sqm_application_controller.rb
index 6d57366b..57a17d41 100644
--- a/app/controllers/sqm_application_controller.rb
+++ b/app/controllers/sqm_application_controller.rb
@@ -1,7 +1,6 @@
 class SqmApplicationController < ApplicationController
   protect_from_forgery with: :exception, prepend: true
   before_action :set_schools_and_districts
-  before_action :authenticate_district
 
   private
 
@@ -28,12 +27,4 @@ class SqmApplicationController < ApplicationController
   def school_slug
     params[:school_id]
   end
-
-  def authenticate(username, password)
-    return true if username == 'boston'
-
-    authenticate_or_request_with_http_basic do |u, p|
-      u == username && p == password
-    end
-  end
 end
diff --git a/spec/system/authentication_spec.rb b/spec/system/authentication_spec.rb
deleted file mode 100644
index 4d6304a6..00000000
--- a/spec/system/authentication_spec.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-require 'rails_helper'
-
-describe 'authentication' do
-  let(:district) { create(:district) }
-  let(:school) { create(:school, district:) }
-  let(:academic_year) { create(:academic_year) }
-
-  context 'when using the wrong credentials' do
-    before :each do
-      page.driver.browser.basic_authorize('wrong username', 'wrong password')
-    end
-    it 'does not show any information' do
-      visit overview_path
-
-      expect(page).not_to have_text(school.name)
-    end
-  end
-
-  context 'when using the right credentials' do
-    before :each do
-      page.driver.browser.basic_authorize(username, password)
-    end
-    it 'does show information' do
-      visit overview_path
-
-      expect(page).to have_text(school.name)
-    end
-  end
-
-  private
-
-  def username
-    district.name.downcase
-  end
-
-  def password
-    "#{username}!"
-  end
-
-  def overview_path
-    district_school_overview_index_path(district, school, year: academic_year.range)
-  end
-end