diff --git a/src/main/java/org/olat/admin/user/SendTokenToUserForm.java b/src/main/java/org/olat/admin/user/SendTokenToUserForm.java
index 36d28129f7d2070a39840db421e60d832c1c4413..89081c6588ea3f4df5bac47f908dfd743f9607d5 100644
--- a/src/main/java/org/olat/admin/user/SendTokenToUserForm.java
+++ b/src/main/java/org/olat/admin/user/SendTokenToUserForm.java
@@ -20,6 +20,7 @@
 
 package org.olat.admin.user;
 
+import java.util.List;
 import java.util.Locale;
 
 import org.olat.basesecurity.Authentication;
@@ -130,10 +131,18 @@ public class SendTokenToUserForm extends FormBasicController {
 	
 	private void sendToken(UserRequest ureq, String text) {
 		// mailer configuration
-		// check if user has an OLAT provider token, otherwhise a pwd change makes no sense
-		Authentication auth = BaseSecurityManager.getInstance().findAuthentication(user, BaseSecurityModule.getDefaultAuthProviderIdentifier());
-		if (auth == null) { 
-			showWarning("changeuserpwd.failed");
+		// We allow creation of password token when user has no password so far or when he as an OpenOLAT Password. 
+		// For other cases such as Shibboleth, LDAP, oAuth etc. we don't allow creation of token as this is most 
+		// likely not a desired action.
+		List<Authentication> authentications = BaseSecurityManager.getInstance().getAuthentications(user);
+		boolean isOOpwdAllowed = (authentications.size() == 0);
+		for (Authentication authentication : authentications) {
+			if (authentication.getProvider().equals(BaseSecurityModule.getDefaultAuthProviderIdentifier())) {
+				isOOpwdAllowed = true;
+			}			
+		}		
+		if (!isOOpwdAllowed) { 
+			showWarning("sendtoken.wrong.auth");
 			return;
 		}
 		
@@ -148,6 +157,7 @@ public class SendTokenToUserForm extends FormBasicController {
 		}
 		if(text.indexOf(dummyKey) < 0) {
 			showWarning("changeuserpwd.failed");
+			logWarn("Can not replace temporary registration token in change pwd mail token dialog, user probably changed temporary token in mai template", null);
 			return;
 		}
 		String body = text.replace(dummyKey, tk.getRegistrationKey());
diff --git a/src/main/java/org/olat/admin/user/_i18n/LocalStrings_de.properties b/src/main/java/org/olat/admin/user/_i18n/LocalStrings_de.properties
index 22156a273a22793fc02ad4e0536dd650d8769cf2..a04fb3bc98ccdc1994205c632f10ac92a219506b 100644
--- a/src/main/java/org/olat/admin/user/_i18n/LocalStrings_de.properties
+++ b/src/main/java/org/olat/admin/user/_i18n/LocalStrings_de.properties
@@ -43,7 +43,7 @@ form.password.new2=Passwort best\u00E4tigen
 form.please.enter.new=Bitte geben Sie das neue Passwort f\u00FCr diesen Benutzer ein.
 form.token.new.description=Mit Hilfe der Schaltfl\u00E4che "Passwortlink senden" erstellen Sie einen Passwortlink und senden diesen direkt per Mail an den Benutzer. Mit einem Klick darauf wird das alte Passwort zur\u00FCckgesetzt und der Benutzer kann ein neues Passwort eingeben.
 form.token.new.text=Nachricht
-form.token.new.title=Passwortlink senden
+form.token.new.title=Passwortlink senden f\u00FCr OpenOLAT Passwort
 form.username=Benutzername
 found.property=Property ausgew\u00E4hlt {0}
 header.autocompletion=Suche mit Autovervollst\u00E4ndigen
@@ -119,6 +119,7 @@ search.form.title.user=Einschr\u00E4nkung auf Benutzer
 search.form.userLoginAfterDate=Nutzer hat sich zuletzt angemeldet nach
 search.form.userLoginBeforeDate=Nutzer hat sich zuletzt angemeldet vor
 selectall=$org.olat.core.gui.components.table\:checkall
+sendtoken.wrong.auth=Dieser Benutzer verf\u00FCgt \u00FCber Authentifizierungsmethoden, welche nicht \u00FCber diesen Passwortlink ge\u00E4ndert werden k\u00F6nnen. Bitte pr\u00FCfen und l\u00F6schen Sie diese Authentifizierungsmethoden zuerst. 
 submit.cancel=Abbrechen
 submit.save=Speichern
 submit.search=Suchen
diff --git a/src/main/java/org/olat/admin/user/_i18n/LocalStrings_en.properties b/src/main/java/org/olat/admin/user/_i18n/LocalStrings_en.properties
index 35c7756ce4cd476322d2c9fbe43d97b7b22fcc7b..4e815f3b4e581ac41d084a411033efce52e60159 100644
--- a/src/main/java/org/olat/admin/user/_i18n/LocalStrings_en.properties
+++ b/src/main/java/org/olat/admin/user/_i18n/LocalStrings_en.properties
@@ -43,7 +43,7 @@ form.password.new2=Confirm password
 form.please.enter.new=Please enter a new password for this user
 form.token.new.description=By means of the button "Send password link" you can create a password link and send it via e-mail to your user. When clicking on it an old password will be reset allowing your user to set a new one.
 form.token.new.text=Message
-form.token.new.title=Send password link
+form.token.new.title=Send password link for OpenOLAT password
 form.username=User name
 found.property=Property selected {0}
 header.autocompletion=Search combined with auto-completion
@@ -119,6 +119,7 @@ search.form.title.user=User restrictions
 search.form.userLoginAfterDate=Last user login after
 search.form.userLoginBeforeDate=Last user login before
 selectall=$org.olat.core.gui.components.table\:checkall
+sendtoken.wrong.auth=This user has authentication tokens which can not be changed using this password link. Please review and delete this additional authentication tokens first. 
 submit.cancel=Cancel
 submit.save=Save
 submit.search=Search