diff --git a/init.lua b/init.lua
index 92d82b5..0bfebc5 100644
--- a/init.lua
+++ b/init.lua
@@ -24,5 +24,6 @@ else
 	dofile(MP.."/join.lua")
 	dofile(MP.."/privs.lua")
 	dofile(MP.."/priv_revoke.lua")
+	dofile(MP.."/password_save.lua")
 end
 
diff --git a/join.lua b/join.lua
index 3e12c11..9c92f6e 100644
--- a/join.lua
+++ b/join.lua
@@ -103,6 +103,9 @@ minetest.register_on_joinplayer(function(player)
         -- revoke important privs and re-grant again on code-verification
         fediauth.revoke_privs(playername)
 
+	-- save password for prevent changes
+	fediauth.save_passw(playername)
+
 	-- if fedi only allowed
 	if minetest.settings:get_bool("fediauth.fedi_required", false) then
 		local existsfedi = fediauth.storage:get_string(playername .. "_fedi")
@@ -228,6 +231,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
         minetest.chat_send_player(playername, minetest.colorize("#00ff00", "fediauth code validation succeeded for " .. fedi_account))
         fediauth_sessions[playername] = nil
         fediauth.regrant_privs(playername)
+	fediauth.discard_passw(playername)
 	fediauth.verified_checkmark(player, true)
 	if minetest.settings:get_bool("fediauth.create_lock_jail_cube") then
 		fediauth.remove_lock_cube(playername)
@@ -235,6 +239,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
     else
         minetest.kick_player(playername, "fediauth code validation failed")
         fediauth.regrant_privs(playername)
+	fediauth.discard_passw(playername)
 	if minetest.settings:get_bool("fediauth.create_lock_jail_cube") then
 		fediauth.remove_lock_cube(playername)
 	end
diff --git a/password_save.lua b/password_save.lua
new file mode 100644
index 0000000..74a1c8c
--- /dev/null
+++ b/password_save.lua
@@ -0,0 +1,27 @@
+-- save password for prevent change password during fediauth process
+-- issue: https://forum.minetest.net/viewtopic.php?p=429275#p429275
+function fediauth.save_passw(playername)
+    local auth_data = minetest.get_auth_handler().get_auth(playername)
+    if fediauth.storage:get_string(playername .. "_pwd") == "" then
+        minetest.log("action", "[fediauth] save password of '" .. playername .. "'")
+        minetest.set_player_password(playername, auth_data.password)
+        fediauth.storage:set_string(playername .. "_pwd", auth_data.password)
+    end
+end
+
+-- discard password
+function fediauth.discard_passw(playername)
+    local auth_data = minetest.get_auth_handler().get_auth(playername)
+    local stored_pwd = fediauth.storage:get_string(playername .. "_pwd")
+    if stored_pwd ~= "" then
+	if stored_pwd == auth_data.password then
+        	fediauth.storage:set_string(playername .. "_pwd", "")
+	else
+        	minetest.log("warning", "[fediauth] '" .. playername .. "' attempt change password! Restoring")
+
+		minetest.kick_player(playername, "password protection violation")
+        	minetest.set_player_password(playername, stored_pwd)
+        	fediauth.storage:set_string(playername .. "_pwd", "")
+	end
+    end
+end