diff --git a/application/src/main/java/run/halo/app/core/extension/service/UserServiceImpl.java b/application/src/main/java/run/halo/app/core/extension/service/UserServiceImpl.java
index d395ea4d7b..50c20bce63 100644
--- a/application/src/main/java/run/halo/app/core/extension/service/UserServiceImpl.java
+++ b/application/src/main/java/run/halo/app/core/extension/service/UserServiceImpl.java
@@ -179,12 +179,16 @@ public Mono<User> createUser(User user, Set<String> roleNames) {
 
     @Override
     public Mono<Boolean> confirmPassword(String username, String rawPassword) {
+
         return getUser(username)
             .filter(user -> {
                 if (!StringUtils.hasText(user.getSpec().getPassword())) {
                     // If the password is not set, return true directly.
                     return true;
                 }
+                if (!StringUtils.hasText(rawPassword)) {
+                    return false;
+                }
                 return passwordEncoder.matches(rawPassword, user.getSpec().getPassword());
             })
             .hasElement();