diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc
index 8cc42a11..8c58dfc7 100644
--- a/lam/lib/modules/posixAccount.inc
+++ b/lam/lib/modules/posixAccount.inc
@@ -1002,7 +1002,7 @@ class posixAccount extends baseModule implements passwordService {
 			$return->addElement(new htmlTableExtendedSelect('loginShell', $shelllist, array($this->attributes['loginShell'][0]), _('Login shell'), 'loginShell'), true);
 		}
 		// password buttons
-		if (isset($this->attributes['userPassword'][0])) {
+		if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
 			$return->addElement(new htmlOutputText(_('Password')));
 			$pwdContainer = new htmlTable();
 			if (pwd_is_enabled($this->attributes['userPassword'][0])) {
diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc
index f9371013..93e091e7 100644
--- a/lam/lib/modules/posixGroup.inc
+++ b/lam/lib/modules/posixGroup.inc
@@ -196,7 +196,7 @@ class posixGroup extends baseModule implements passwordService {
 		$return->addElement(new htmlAccountPageButton(get_class($this), 'user', 'open', _('Edit members')));
 		$return->addElement(new htmlHelpLink('members'), true);
 		// password buttons
-		if (isset($this->attributes['userPassword'][0])) {
+		if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
 			$return->addElement(new htmlOutputText(_('Password')));
 			$pwdContainer = new htmlTable();
 			if (pwd_is_enabled($this->attributes['userPassword'][0])) {