diff --git a/ChangeLog b/ChangeLog
index 60275309..43e04ecc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Do not give an indication that the group has no
+	password.
+	* src/newgrp.c: Do not only bail on syslog if the password is not
+	valid. Also give an indication to the user on stderr.
+
 2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
 
 	Fixes from Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
diff --git a/src/newgrp.c b/src/newgrp.c
index bc0ddb44..26c9dc25 100644
--- a/src/newgrp.c
+++ b/src/newgrp.c
@@ -377,16 +377,6 @@ int main (int argc, char **argv)
 	 * of the tests above.
 	 */
 	if (getuid () != 0 && needspasswd) {
-		if (grp->gr_passwd[0] == '\0') {
-			/*
-			 * there is no password, print out "No password."
-			 * and give up
-			 */
-			sleep (1);
-			fputs (_("No password.\n"), stderr);
-			goto failure;
-		}
-
 		/*
 		 * get the password from her, and set the salt for
 		 * the decryption from the group file.
@@ -402,11 +392,13 @@ int main (int argc, char **argv)
 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
 		strzero (cp);
 
-		if (strcmp (cpasswd, grp->gr_passwd) != 0) {
+		if (grp->gr_passwd[0] == '\0' ||
+		    strcmp (cpasswd, grp->gr_passwd) != 0) {
 			SYSLOG ((LOG_INFO,
 				 "Invalid password for group `%s' from `%s'",
 				 group, name));
 			sleep (1);
+			fputs (_("Invalid password."), stderr);
 			goto failure;
 		}
 	}