diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml
new file mode 100644
index 00000000..4ac88a15
--- /dev/null
+++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334). The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change"
diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py
index 601e50a4..9957d0f3 100644
--- a/plugins/modules/mysql_user.py
+++ b/plugins/modules/mysql_user.py
@@ -22,7 +22,8 @@
     required: true
   password:
     description:
-      - Set the user's password.
+      - Set the user's password. Only for C(mysql_native_password) authentication.
+        For other authentication plugins see the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string).
     type: str
   encrypted:
     description:
@@ -94,8 +95,8 @@
     default: no
   update_password:
     description:
-      - C(always) will update passwords if they differ.
-      - C(on_create) will only set the password for newly created users.
+      - C(always) will update passwords if they differ. This affects I(password) and the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string).
+      - C(on_create) will only set the password or the combination of plugin, plugin_hash_string, plugin_auth_string for newly created users.
     type: str
     choices: [ always, on_create ]
     default: always
@@ -441,7 +442,7 @@ def main():
                                             priv, append_privs, tls_requires, module)
                 else:
                     changed, msg = user_mod(cursor, user, host, host_all, None, encrypted,
-                                            plugin, plugin_hash_string, plugin_auth_string,
+                                            None, None, None,
                                             priv, append_privs, tls_requires, module)
 
             except (SQLParseError, InvalidPrivsError, mysql_driver.Error) as e: