diff --git a/files/routes/settings.py b/files/routes/settings.py
index c3e048d780..4e6c194351 100644
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@@ -632,7 +632,8 @@ def verifiedcolor(v):
 @auth_required
 @validate_formkey
 def settings_security_post(v):
-	if request.values.get("new_password") and v.id not in (PW1_ID,PW2_ID):
+	if request.values.get("new_password"):
+		if v.id in (PW1_ID,PW2_ID): return redirect("/settings/security?error=" + escape("This account is protected from password changes."))
 		if request.values.get(
 				"new_password") != request.values.get("cnf_password"):
 			return redirect("/settings/security?error=" +