diff --git a/tests/test_user.py b/tests/test_user.py
index 3d5f53faa1a8350a0067c6f012a5c8da0907549a..962840db8de6ad9499c7adacdc123b9919caa72b 100644
--- a/tests/test_user.py
+++ b/tests/test_user.py
@@ -194,7 +194,6 @@ class TestUserViews(UffdTestCase):
 		self.assertEqual(user_updated.loginname, user_unupdated.loginname)
 		self.assertTrue(ldap.test_user_bind(user_updated.dn, 'newpassword'))
 
-	@unittest.skip('See #28')
 	def test_update_invalid_password(self):
 		user_unupdated = self.get_user()
 		r = self.client.get(path=url_for('user.show', uid=user_unupdated.uid), follow_redirects=True)
diff --git a/uffd/translations/de/LC_MESSAGES/messages.mo b/uffd/translations/de/LC_MESSAGES/messages.mo
index 3fb2252ba8b5eba1f3c47aa9ec52c6b5eef02364..df2fed3467524abc4c2f938fd07bb2cad81b9f2c 100644
Binary files a/uffd/translations/de/LC_MESSAGES/messages.mo and b/uffd/translations/de/LC_MESSAGES/messages.mo differ
diff --git a/uffd/translations/de/LC_MESSAGES/messages.po b/uffd/translations/de/LC_MESSAGES/messages.po
index 8860b6b4cdcbacd96dc03b60a612dbb3d38cce56..cec4ea943370b3ff0c83f10992728efb3a8abd33 100644
--- a/uffd/translations/de/LC_MESSAGES/messages.po
+++ b/uffd/translations/de/LC_MESSAGES/messages.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PROJECT VERSION\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2021-07-30 21:03+0200\n"
+"POT-Creation-Date: 2021-07-30 21:15+0200\n"
 "PO-Revision-Date: 2021-05-25 21:18+0200\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language: de\n"
@@ -1431,21 +1431,25 @@ msgstr "E-Mail-Adresse nicht valide"
 msgid "Display name does not meet requirements"
 msgstr "Anzeigename entspricht nicht den Anforderungen"
 
-#: uffd/user/views_user.py:75
+#: uffd/user/views_user.py:63
+msgid "Password is invalid"
+msgstr "Passwort ist ungültig"
+
+#: uffd/user/views_user.py:77
 msgid "Service user created"
 msgstr "Service-Account erstellt"
 
-#: uffd/user/views_user.py:78
+#: uffd/user/views_user.py:80
 msgid "User created. We sent the user a password reset link by mail"
 msgstr ""
 "Benutzer erstellt. E-Mail mit einem Link zum Setzen des Passworts wurde "
 "versendet."
 
-#: uffd/user/views_user.py:80
+#: uffd/user/views_user.py:82
 msgid "User updated"
 msgstr "Benutzer aktualisiert"
 
-#: uffd/user/views_user.py:91
+#: uffd/user/views_user.py:93
 msgid "Deleted user"
 msgstr "Benutzer gelöscht"
 
diff --git a/uffd/user/views_user.py b/uffd/user/views_user.py
index 969b71b4a34d7b39aecec20b96f1d916f01ad726..db2800a87d56cea29a3940ff2770d4c0bbbee1b4 100644
--- a/uffd/user/views_user.py
+++ b/uffd/user/views_user.py
@@ -59,7 +59,9 @@ def update(uid=None):
 		return redirect(url_for('user.show', uid=uid))
 	new_password = request.form.get('password')
 	if uid is not None and new_password:
-		user.set_password(new_password)
+		if not user.set_password(new_password):
+			flash(_('Password is invalid'))
+			return redirect(url_for('user.show', uid=uid))
 	ldap.session.add(user)
 	user.roles.clear()
 	for role in Role.query.all():