diff --git a/options.h b/options.h
index 4c7433edcdbbf4c10d58093bc47cf48dc19e92c3..14dda0c738a0922456ae45df829f3f74c75b7e81 100644
--- a/options.h
+++ b/options.h
@@ -179,8 +179,7 @@ much traffic. */
 
 /* Define this to allow logging in to accounts that have no password specified.
  * Public key logins are allowed for blank-password accounts regardless of this
- * setting.  PAM is not affected by this setting, it uses the normal pam.d
- * settings ('nullok' option) */
+ * setting. */
 /* #define ALLOW_BLANK_PASSWORD */
 
 #define ENABLE_CLI_PASSWORD_AUTH
diff --git a/svr-auth.c b/svr-auth.c
index 04321fe209ee5bbce824e2424049b96f7667ee72..fbfd27c2e05a6c2a82298e9b52177a3f800356d1 100644
--- a/svr-auth.c
+++ b/svr-auth.c
@@ -155,9 +155,10 @@ void recv_msg_userauth_request() {
 				AUTH_METHOD_NONE_LEN) == 0) {
 		TRACE(("recv_msg_userauth_request: 'none' request"))
 #ifdef ALLOW_BLANK_PASSWORD
+		TRACE(("pw_passwd '%s'", ses.authstate.pw_passwd))
 		if (!svr_opts.noauthpass 
 				&& !(svr_opts.norootpass && ses.authstate.pw_uid == 0) 
-				&& ses.authstate.pw_passwd == '\0') 
+				&& ses.authstate.pw_passwd[0] == '\0') 
 		{
 			dropbear_log(LOG_NOTICE, 
 					"Auth succeeded with blank password for '%s' from %s",
diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index ceeb4d8cdbd4eb58101301ef2e67360ab3d1eb8d..c8c83f91d978bad4b4c54258f53f8f35f45c0a8d 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -39,7 +39,6 @@ void svr_auth_password() {
 	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
 	char * testcrypt = NULL; /* crypt generated from the user's password sent */
 	unsigned char * password;
-	int success_blank = 0;
 	unsigned int passwordlen;
 
 	unsigned int changepw;
@@ -68,19 +67,13 @@ void svr_auth_password() {
 
 	/* check for empty password */
 	if (passwdcrypt[0] == '\0') {
-#ifdef ALLOW_BLANK_PASSWORD
-		if (passwordlen == 0) {
-			success_blank = 1;
-		}
-#else
 		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
 				ses.authstate.pw_name);
 		send_msg_userauth_failure(0, 1);
 		return;
-#endif
 	}
 
-	if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) {
+	if (strcmp(testcrypt, passwdcrypt) == 0) {
 		/* successful authentication */
 		dropbear_log(LOG_NOTICE, 
 				"Password auth succeeded for '%s' from %s",