diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py
index 68a8cabda1b..16d81252d31 100644
--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -799,7 +799,10 @@ class AbstractBasicAuthHandler:
             if mo:
                 scheme, quote, realm = mo.groups()
                 if scheme.lower() == 'basic':
-                    return self.retry_http_basic_auth(host, req, realm)
+                    response = self.retry_http_basic_auth(host, req, realm)
+                    if response and response.code != 401:
+                        self.retried = 0
+                    return response
 
     def retry_http_basic_auth(self, host, req, realm):
         user, pw = self.passwd.find_user_password(realm, host)
diff --git a/Misc/NEWS b/Misc/NEWS
index ecb1a4f4a09..7ef147d22ce 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -132,6 +132,9 @@ Extensions
 Library
 -------
 
+- Issue #8797: urllib2 does a retry for Basic Authentication failure instead of
+  falling into recursion.
+
 - Issue #1194222: email.utils.parsedate now returns RFC2822 compliant four
   character years even if the message contains RFC822 two character years.