diff --git a/src/ejabberd_auth.erl b/src/ejabberd_auth.erl
index f791c6063..62282957e 100644
--- a/src/ejabberd_auth.erl
+++ b/src/ejabberd_auth.erl
@@ -85,6 +85,9 @@ check_password(User, Server, Password, StreamID, Digest) ->
 	      M:check_password(User, Server, Password, StreamID, Digest)
       end, auth_modules(Server)).
 
+%% We do not allow empty password:
+set_password(_User, _Server, "") ->
+    {error, not_allowed};
 set_password(User, Server, Password) ->
     lists:foldl(
       fun(M, {error, _}) ->
@@ -93,6 +96,9 @@ set_password(User, Server, Password) ->
 	      Res
       end, {error, not_allowed}, auth_modules(Server)).
 
+%% We do not allow empty password:
+try_register(_User, _Server, "") ->
+    {error, not_allowed};    
 try_register(User, Server, Password) ->
     case is_user_exists(User,Server) of
 	true ->
diff --git a/src/ejabberd_auth_external.erl b/src/ejabberd_auth_external.erl
index 13dafa711..19ae6818d 100644
--- a/src/ejabberd_auth_external.erl
+++ b/src/ejabberd_auth_external.erl
@@ -55,7 +55,7 @@ plain_password_required() ->
     true.
 
 check_password(User, Server, Password) ->
-    extauth:check_password(User, Server, Password).
+    extauth:check_password(User, Server, Password) andalso Password /= "".
 
 check_password(User, Server, Password, _StreamID, _Digest) ->
     check_password(User, Server, Password).
diff --git a/src/ejabberd_auth_internal.erl b/src/ejabberd_auth_internal.erl
index 6f27a49e6..56b775be6 100644
--- a/src/ejabberd_auth_internal.erl
+++ b/src/ejabberd_auth_internal.erl
@@ -72,7 +72,7 @@ check_password(User, Server, Password) ->
     US = {LUser, LServer},
     case catch mnesia:dirty_read({passwd, US}) of
 	[#passwd{password = Password}] ->
-	    true;
+	    Password /= "";
 	_ ->
 	    false
     end.
@@ -113,7 +113,6 @@ set_password(User, Server, Password) ->
 	    mnesia:transaction(F)
     end.
 
-
 try_register(User, Server, Password) ->
     LUser = jlib:nodeprep(User),
     LServer = jlib:nameprep(Server),
diff --git a/src/ejabberd_auth_odbc.erl b/src/ejabberd_auth_odbc.erl
index 076ac9380..28f01239f 100644
--- a/src/ejabberd_auth_odbc.erl
+++ b/src/ejabberd_auth_odbc.erl
@@ -70,7 +70,7 @@ check_password(User, Server, Password) ->
 	    LServer = jlib:nameprep(Server),
 	    case catch odbc_queries:get_password(LServer, Username) of
 		{selected, ["password"], [{Password}]} ->
-		    true;
+		    Password /= "";
 		_ ->
 		    false
 	    end