diff --git a/admin/inc/class.admin_cmd_change_pw.inc.php b/admin/inc/class.admin_cmd_change_pw.inc.php
index 211ea10777..6ca909a708 100644
--- a/admin/inc/class.admin_cmd_change_pw.inc.php
+++ b/admin/inc/class.admin_cmd_change_pw.inc.php
@@ -7,13 +7,13 @@
  * @package admin
  * @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
  * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
- * @version $Id$ 
+ * @version $Id$
  */
 
 /**
  * admin command: change the password of a given user
  */
-class admin_cmd_change_pw extends admin_cmd 
+class admin_cmd_change_pw extends admin_cmd
 {
 	/**
 	 * Constructor
@@ -35,7 +35,7 @@ class admin_cmd_change_pw extends admin_cmd
 
 	/**
 	 * change the password of a given user
-	 * 
+	 *
 	 * @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself
 	 * @return string success message
 	 * @throws egw_exception_no_admin
@@ -47,29 +47,16 @@ class admin_cmd_change_pw extends admin_cmd
 		$account_id = admin_cmd::parse_account($this->account,true);	// true = user, no group
 		// check creator is still admin and not explicitly forbidden to edit accounts
 		if ($this->creator) $this->_check_admin('account_access',16);
-		
+
 		if ($check_only) return true;
-		
+
 		$auth = new auth;
-		
+
 		if (!$auth->change_password(null, $this->password, $account_id))
 		{
 			// as long as the auth class is not throwing itself ...
 			throw new Exception(lang('Error changing the password for % !!!',$this->account),99);
 		}
-		$GLOBALS['hook_values']['account_id'] = $account_id;
-		$GLOBALS['hook_values']['account_lid'] = $this->account;
-		if (is_numeric($this->account))
-		{
-			admin_cmd::_instanciate_accounts();
-			$GLOBALS['hook_values']['account_lid'] = admin_cmd::$accounts->id2name($this->account);
-		}
-		$GLOBALS['hook_values']['old_passwd'] = null;
-		$GLOBALS['hook_values']['new_passwd'] = $this->password;
-		$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
-			'location' => 'changepassword'
-		),False,True);  // called for every app now, not only enabled ones)
-		
 		return lang('Password updated');
 	}
 
diff --git a/admin/inc/class.boaccounts.inc.php b/admin/inc/class.boaccounts.inc.php
index c6ec43e778..43fb90909b 100755
--- a/admin/inc/class.boaccounts.inc.php
+++ b/admin/inc/class.boaccounts.inc.php
@@ -398,14 +398,6 @@
 					$auth = new auth();
 					if ($auth->change_password('', $passwd, $_userData['account_id']))
 					{
-						$GLOBALS['hook_values']['account_id'] = $_userData['account_id'];
-						$GLOBALS['hook_values']['old_passwd'] = '';
-						$GLOBALS['hook_values']['new_passwd'] = $passwd;
-
-						$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
-							'location' => 'changepassword'
-						),False,True);	// called for every app now, not only enabled ones)
-
 						if ($_userData['account_lastpwd_change']==0 ||	// AD requires to activate account AFTER setting pw
 							$new_account && $_userData['account_status'] == 'A' && $GLOBALS['egw']->accounts->require_password_for_enable())
 						{
diff --git a/phpgwapi/inc/class.auth.inc.php b/phpgwapi/inc/class.auth.inc.php
index 0d553937f1..4d2f674963 100644
--- a/phpgwapi/inc/class.auth.inc.php
+++ b/phpgwapi/inc/class.auth.inc.php
@@ -230,13 +230,28 @@ class auth
 		{
 			throw new egw_exception_wrong_userinput($err);
 		}
-		if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)) &&
-			($account_id == $GLOBALS['egw_info']['user']['account_id']))
+		if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)))
 		{
-			// need to change current users password in session
-			egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
-			// invalidate EGroupware session, as password is stored in egw_info in session
-			egw::invalidate_session_cache();
+			if ($account_id == $GLOBALS['egw_info']['user']['account_id'])
+			{
+				// need to change current users password in session
+				egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
+				$GLOBALS['egw_info']['user']['passwd'] = $new_passwd;
+				$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
+				// invalidate EGroupware session, as password is stored in egw_info in session
+				egw::invalidate_session_cache();
+			}
+			accounts::cache_invalidate($account_id);
+			// run changepwasswd hook
+			$GLOBALS['hook_values'] = array(
+				'account_id'  => $account_id,
+				'account_lid' => accounts::id2name($account_id),
+				'old_passwd'  => $old_passwd,
+				'new_passwd'  => $new_passwd,
+			);
+			$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
+				'location' => 'changepassword'
+			),False,True);	// called for every app now, not only enabled ones)
 		}
 		return $ret;
 	}
diff --git a/preferences/inc/class.bopassword.inc.php b/preferences/inc/class.bopassword.inc.php
index d1602b9b88..c5765d768b 100644
--- a/preferences/inc/class.bopassword.inc.php
+++ b/preferences/inc/class.bopassword.inc.php
@@ -33,6 +33,12 @@
 		{
 			if (($ret = $GLOBALS['egw']->auth->change_password($old, $new, $GLOBALS['egw_info']['user']['account_id'])))
 			{
+				$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($new));
+				$GLOBALS['egw_info']['user']['passwd'] = $new;
+				$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
+				accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
+				egw::invalidate_session_cache();
+				//_debug_array( $GLOBALS['egw_info']['user']);
 				$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
 				$GLOBALS['hook_values']['old_passwd'] = $old;
 				$GLOBALS['hook_values']['new_passwd'] = $new;
diff --git a/preferences/inc/class.uipassword.inc.php b/preferences/inc/class.uipassword.inc.php
index c7908f3626..59d6da24fd 100644
--- a/preferences/inc/class.uipassword.inc.php
+++ b/preferences/inc/class.uipassword.inc.php
@@ -97,7 +97,8 @@ class uipassword
 			if (!$errors)
 			{
 				try {
-					$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
+					$passwd_changed = $GLOBALS['egw']->auth->change_password($o_passwd, $n_passwd,
+						$GLOBALS['egw_info']['user']['account_id']);
 				}
 				catch (Exception $e) {
 					$errors[] = $e->getMessage();
@@ -117,20 +118,6 @@ class uipassword
 			}
 			else
 			{
-				$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
-				$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
-				$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
-				accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
-				egw::invalidate_session_cache();
-				//_debug_array( $GLOBALS['egw_info']['user']);
-				$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
-				$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
-				$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
-
-				// called for every app now, not only for the ones enabled for the user
-				$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
-					'location' => 'changepassword',
-				),False,True);
 				if ($GLOBALS['egw_info']['user']['apps']['preferences'])
 				{
 					egw::redirect_link('/preferences/index.php','cd=18');