diff --git a/ChangeLog b/ChangeLog
index bc4d6d63c..b0e744b60 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+20020506
+ - (bal) Fixed auth-passwd.c to resolve PermitEmptyPassword issue
+ 
 20020501
  - (djm) Import OpenBSD regression tests. Requires BSD make to run
  - (djm) Fix readpassphase compilation for systems which have it
@@ -525,4 +528,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2091 2002/05/01 12:00:22 djm Exp $
+$Id: ChangeLog,v 1.2092 2002/05/06 23:06:08 mouring Exp $
diff --git a/auth-passwd.c b/auth-passwd.c
index 58c113649..896f1c263 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-passwd.c,v 1.24 2002/03/04 12:43:06 markus Exp $");
+RCSID("$OpenBSD: auth-passwd.c,v 1.25 2002/05/06 23:00:59 mouring Exp $");
 
 #include "packet.h"
 #include "log.h"
@@ -90,11 +90,11 @@ int
 auth_password(Authctxt *authctxt, const char *password)
 {
 #if defined(USE_PAM)
-	if (*password == '\0' && options.permit_empty_passwd == 0)
+	if (*pw->pw_passwd == '\0' && options.permit_empty_passwd == 0)
 		return 0;
 	return auth_pam_password(authctxt, password);
 #elif defined(HAVE_OSF_SIA)
-	if (*password == '\0' && options.permit_empty_passwd == 0)
+	if (*pw->pw_passwd == '\0' && options.permit_empty_passwd == 0)
 		return 0;
 	return auth_sia_password(authctxt, password);
 #else
@@ -131,7 +131,7 @@ auth_password(Authctxt *authctxt, const char *password)
 	 */
 	if (!is_winnt)
 #endif
-	if (*password == '\0' && options.permit_empty_passwd == 0)
+	if (*pw->pw_passwd == '\0' && options.permit_empty_passwd == 0)
 		return 0;
 #ifdef KRB5
 	if (options.kerberos_authentication == 1) {