1 files changed, 11 insertions, 12 deletions

diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index 474cb0aea0..e553590671 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -30,15 +30,15 @@ module ActiveModel
       #   end
       #
       #   user = User.new(name: 'david', password: '', password_confirmation: 'nomatch')
-      #   user.save                                                      # => false, password required
+      #   user.save                                                       # => false, password required
       #   user.password = 'mUc3m00RsqyRe'
-      #   user.save                                                      # => false, confirmation doesn't match
+      #   user.save                                                       # => false, confirmation doesn't match
       #   user.password_confirmation = 'mUc3m00RsqyRe'
-      #   user.save                                                      # => true
-      #   user.authenticate('notright')                                  # => false
-      #   user.authenticate('mUc3m00RsqyRe')                             # => user
-      #   User.find_by_name('david').try(:authenticate, 'notright')      # => false
-      #   User.find_by_name('david').try(:authenticate, 'mUc3m00RsqyRe') # => user
+      #   user.save                                                       # => true
+      #   user.authenticate('notright')                                   # => false
+      #   user.authenticate('mUc3m00RsqyRe')                              # => user
+      #   User.find_by(name: 'david').try(:authenticate, 'notright')      # => false
+      #   User.find_by(name: 'david').try(:authenticate, 'mUc3m00RsqyRe') # => user
       def has_secure_password(options = {})
         # Load bcrypt-ruby only when has_secure_password is used.
         # This is to avoid ActiveModel (and by extension the entire framework)
@@ -56,8 +56,9 @@ module ActiveModel
         include InstanceMethodsOnActivation
 
         if options.fetch(:validations, true)
-          validates_confirmation_of :password
-          validates_presence_of     :password, :on => :create
+          validates_confirmation_of :password, if: lambda { |m| m.password.present? }
+          validates_presence_of     :password, on: :create
+          validates_presence_of     :password_confirmation, if: lambda { |m| m.password.present? }
 
           before_create { raise "Password digest missing on new record" if password_digest.blank? }
         end
@@ -106,9 +107,7 @@ module ActiveModel
       end
 
       def password_confirmation=(unencrypted_password)
-        unless unencrypted_password.blank?
-          @password_confirmation = unencrypted_password
-        end
+        @password_confirmation = unencrypted_password
       end
     end
   end