diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml
index 28aa876bba..23350442b2 100644
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml
@@ -25,33 +25,41 @@
 <abp-card>
     <abp-card-body>
         <abp-tabs tab-style="PillVertical">
-            <abp-tab title="@L["ChangePassword"].Value">
-                <h4>@L["ChangePassword"].Value</h4><hr />
-                <abp-dynamic-form abp-model="@Model.ChangePasswordInfoModel" id="ChangePasswordForm">
-                    <abp-form-content />
-                    <abp-button type="submit" button-type="Primary" text="@L["Submit"].Value" />
-                </abp-dynamic-form>
-            </abp-tab>
+            @if (!Model.DisablePasswordChange)
+            {
+                <abp-tab title="@L["ChangePassword"].Value">
+                    <h4>@L["ChangePassword"].Value</h4><hr/>
+                    <form id="ChangePasswordForm">
+                        @if (!Model.HideOldPasswordInput)
+                        {
+                            <abp-input asp-for="ChangePasswordInfoModel.CurrentPassword"/>
+                        }
+                        <abp-input asp-for="ChangePasswordInfoModel.NewPassword"/>
+                        <abp-input asp-for="ChangePasswordInfoModel.NewPasswordConfirm"/>
+                        <abp-button type="submit" button-type="Primary" text="@L["Submit"].Value"/>
+                    </form>
+                </abp-tab>
+            }
             <abp-tab title="@L["PersonalSettings"].Value">
-                <h4>@L["PersonalSettings"].Value</h4><hr />
+                <h4>@L["PersonalSettings"].Value</h4><hr/>
                 <form method="post" id="PersonalSettingsForm">
 
-                    <abp-input asp-for="PersonalSettingsInfoModel.UserName" readonly="!isUserNameUpdateEnabled" />
+                    <abp-input asp-for="PersonalSettingsInfoModel.UserName" readonly="!isUserNameUpdateEnabled"/>
 
                     <abp-row>
                         <abp-column size-md="_6">
-                            <abp-input asp-for="PersonalSettingsInfoModel.Name" />
+                            <abp-input asp-for="PersonalSettingsInfoModel.Name"/>
                         </abp-column>
                         <abp-column size-md="_6">
-                            <abp-input asp-for="PersonalSettingsInfoModel.Surname" />
+                            <abp-input asp-for="PersonalSettingsInfoModel.Surname"/>
                         </abp-column>
                     </abp-row>
 
-                    <abp-input asp-for="PersonalSettingsInfoModel.Email" readonly="!isEmailUpdateEnabled" />
+                    <abp-input asp-for="PersonalSettingsInfoModel.Email" readonly="!isEmailUpdateEnabled"/>
 
-                    <abp-input asp-for="PersonalSettingsInfoModel.PhoneNumber" />
+                    <abp-input asp-for="PersonalSettingsInfoModel.PhoneNumber"/>
 
-                    <abp-button type="submit" button-type="Primary" text="@L["Submit"].Value" />
+                    <abp-button type="submit" button-type="Primary" text="@L["Submit"].Value"/>
                 </form>
             </abp-tab>
         </abp-tabs>
diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs
index 3c779dc870..db51f9890c 100644
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs
@@ -12,6 +12,10 @@ namespace Volo.Abp.Account.Web.Pages.Account
 
         public PersonalSettingsInfoModel PersonalSettingsInfoModel { get; set; }
 
+        public bool DisablePasswordChange { get; set; }
+
+        public bool HideOldPasswordInput { get; set; }
+
         protected IProfileAppService ProfileAppService { get; }
 
         public ManageModel(IProfileAppService profileAppService)
@@ -25,6 +29,9 @@ namespace Volo.Abp.Account.Web.Pages.Account
 
             PersonalSettingsInfoModel = ObjectMapper.Map<ProfileDto, PersonalSettingsInfoModel>(user);
 
+            DisablePasswordChange = user.IsExternal;
+            HideOldPasswordInput = !user.HasPassword;
+
             return Page();
         }
 
@@ -54,7 +61,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
         [DataType(DataType.Password)]
         public string NewPasswordConfirm { get; set; }
     }
-    
+
     public class PersonalSettingsInfoModel
     {
         [Required]
diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js
index 68109eb6da..3c7c4148e8 100644
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js
@@ -15,13 +15,13 @@
 
         if (
             input.newPassword != input.newPasswordConfirm ||
-            input.currentPassword == ''
+            input.newPassword == ''
         ) {
             abp.message.error(l('NewPasswordConfirmFailed'));
             return;
         }
 
-        if (input.currentPassword == '') {
+        if (input.currentPassword && input.currentPassword == ''){
             return;
         }
 
diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs
index a5bd73908a..04f7879f15 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs
@@ -1,9 +1,18 @@
-namespace Volo.Abp.Identity
+using System.ComponentModel.DataAnnotations;
+using Volo.Abp.Auditing;
+using Volo.Abp.Validation;
+
+namespace Volo.Abp.Identity
 {
     public class ChangePasswordInput
     {
+        [DisableAuditing]
+        [DynamicStringLength(typeof(IdentityUserConsts), nameof(IdentityUserConsts.MaxPasswordLength))]
         public string CurrentPassword { get; set; }
 
+        [Required]
+        [DisableAuditing]
+        [DynamicStringLength(typeof(IdentityUserConsts), nameof(IdentityUserConsts.MaxPasswordLength))]
         public string NewPassword { get; set; }
     }
 }
diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
index 4777c0ad23..98469700a9 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
@@ -13,5 +13,9 @@ namespace Volo.Abp.Identity
         public string Surname { get; set; }
 
         public string PhoneNumber { get; set; }
+
+        public bool IsExternal { get; set; }
+
+        public bool HasPassword { get; set; }
     }
-}
\ No newline at end of file
+}
diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
index 01a68dc677..4c28e37f01 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
@@ -1,4 +1,5 @@
 using AutoMapper;
+using Volo.Abp.AutoMapper;
 
 namespace Volo.Abp.Identity
 {
@@ -11,9 +12,11 @@ namespace Volo.Abp.Identity
 
             CreateMap<IdentityRole, IdentityRoleDto>()
                 .MapExtraProperties();
-            
+
             CreateMap<IdentityUser, ProfileDto>()
+                .ForMember(dest => dest.HasPassword,
+                    op => op.MapFrom(src => src.PasswordHash != null))
                 .MapExtraProperties();
         }
     }
-}
\ No newline at end of file
+}
diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
index 45bcdf3e35..c08eb7ce32 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
@@ -1,4 +1,5 @@
-using System.Threading.Tasks;
+using System.Linq;
+using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Volo.Abp.Identity.Settings;
@@ -20,9 +21,9 @@ namespace Volo.Abp.Identity
 
         public virtual async Task<ProfileDto> GetAsync()
         {
-            return ObjectMapper.Map<IdentityUser, ProfileDto>(
-                await UserManager.GetByIdAsync(CurrentUser.GetId())
-            );
+            var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId());
+
+            return ObjectMapper.Map<IdentityUser, ProfileDto>(currentUser);
         }
 
         public virtual async Task<ProfileDto> UpdateAsync(UpdateProfileDto input)
@@ -56,6 +57,19 @@ namespace Volo.Abp.Identity
         public virtual async Task ChangePasswordAsync(ChangePasswordInput input)
         {
             var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId());
+
+            if (currentUser.IsExternal)
+            {
+                throw new BusinessException(code: IdentityErrorCodes.ExternalUserPasswordChange);
+            }
+
+            if (currentUser.PasswordHash == null)
+            {
+                (await UserManager.AddPasswordAsync(currentUser, input.NewPassword)).CheckErrors();
+
+                return;
+            }
+
             (await UserManager.ChangePasswordAsync(currentUser, input.CurrentPassword, input.NewPassword)).CheckErrors();
         }
     }
diff --git a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs
index d77ee9f5a9..d5e57a6953 100644
--- a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs
@@ -4,5 +4,6 @@
     {
         public const string UserSelfDeletion = "Volo.Abp.Identity:010001";
         public const string MaxAllowedOuMembership = "Volo.Abp.Identity:010002";
+        public const string ExternalUserPasswordChange = "Volo.Abp.Identity:010003";
     }
-}
\ No newline at end of file
+}
diff --git a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json
index 6bef6dcafe..bcc2108fe5 100644
--- a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json
+++ b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json
@@ -102,6 +102,7 @@
     "Description:Abp.Identity.SignIn.RequireConfirmedPhoneNumber": "Whether a confirmed telephone number is required to sign in.",
     "Description:Abp.Identity.User.IsUserNameUpdateEnabled": "Whether the username can be updated by the user.",
     "Description:Abp.Identity.User.IsEmailUpdateEnabled": "Whether the email can be updated by the user.",
-    "Volo.Abp.Identity:010002": "Can not set more than {MaxUserMembershipCount} organization unit for a user!"
+    "Volo.Abp.Identity:010002": "Can not set more than {MaxUserMembershipCount} organization unit for a user!",
+    "Volo.Abp.Identity:010003": "Can not change password of an externally logged in user!"
   }
 }