diff --git a/lib/devise/models/database_authenticatable.rb b/lib/devise/models/database_authenticatable.rb
index 0857cd7735..f639704989 100644
--- a/lib/devise/models/database_authenticatable.rb
+++ b/lib/devise/models/database_authenticatable.rb
@@ -65,7 +65,6 @@ def password=(new_password)
 # Verifies whether a password (ie from sign in) is the user password.
 def valid_password?(password)
- return false if password.blank?
 Devise::Encryptor.compare(self.class, encrypted_password, password)
 end
diff --git a/test/models/database_authenticatable_test.rb b/test/models/database_authenticatable_test.rb
index 2b0b92319f..dadab91bfb 100644
--- a/test/models/database_authenticatable_test.rb
+++ b/test/models/database_authenticatable_test.rb
@@ -148,6 +148,16 @@ def setup
 refute user.valid_password?('654321')
 end
+ test 'should be invalid if the password is nil' do
+ user = new_user(password: nil)
+ refute user.valid_password?(nil)
+ end
+
+ test 'should be invalid if the password is blank' do
+ user = new_user(password: '')
+ refute user.valid_password?('')
+ end
+
 test 'should respond to current password' do
 assert new_user.respond_to?(:current_password)
 end
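Review bot: Both added tests build the user with a nil or empty password, so they only cover an account that presumably has no usable stored hash. The case the removed `return false if password.blank?` guard protected, an account with a real password being checked against `nil` or `''`, is not exercised. `valid_password?` now relies entirely on `Devise::Encryptor.compare`, which is not shown in this diff, to fail closed on blank input. Add a test with `user = new_user(password: '123456')` (sample value) followed by `refute user.valid_password?(nil)` and `refute user.valid_password?('')`. That would also pin that a nil argument returns false rather than raising inside the comparison.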