diff --git a/includes/core/load.js.php b/includes/core/load.js.php
index 02588b923..f9f2057f6 100755
--- a/includes/core/load.js.php
+++ b/includes/core/load.js.php
@@ -213,6 +213,9 @@ function(teampassUser) {
 
                             // Show form
                             $('#dialog-ldap-user-change-password').removeClass('hidden');
+                            $('#dialog-ldap-user-change-password-info')
+                                .html('<i class="icon fa-solid fa-info mr-2"></i><?php echo $lang->get('ldap_user_has_changed_his_password');?>')
+                                .removeClass('hidden');
                         } else if (typeof data.queryResults !== 'undefined' && data.queryResults.keys_recovery_time === null && store.get('teampassUser').user_admin === 0) {
                             // User has not yet recovered his keys
                             $('#open_user_keys_management').removeClass('hidden');
diff --git a/sources/identify.php b/sources/identify.php
index cde2bbd72..28d3c99ba 100755
--- a/sources/identify.php
+++ b/sources/identify.php
@@ -606,7 +606,23 @@ function identifyUser(string $sentData, array $SETTINGS): bool
         // User signature keys
         $returnKeys = prepareUserEncryptionKeys($userInfo, $passwordClear);  
         $session->set('user-private_key', $returnKeys['private_key_clear']);
-        $session->set('user-public_key', $returnKeys['public_key']);      
+        $session->set('user-public_key', $returnKeys['public_key']);
+
+        // Automatically detect LDAP password changes.
+        if ($userInfo['auth_type'] === 'ldap' && $returnKeys['private_key_clear'] === '') {
+            // Add special "recrypt-private-key" in database profile.
+            DB::update(
+                prefixTable('users'),
+                array(
+                    'special' => 'recrypt-private-key',
+                ),
+                'id = %i',
+                $userInfo['id']
+            );
+
+            // Store new value in userInfos.
+            $userInfo['special'] = 'recrypt-private-key';
+        }
 
         // API key
         $session->set(
diff --git a/sources/main.queries.php b/sources/main.queries.php
index 675e734d6..ab6cecd2e 100755
--- a/sources/main.queries.php
+++ b/sources/main.queries.php
@@ -3083,24 +3083,16 @@ function changeUserLDAPAuthenticationPassword(
                 );
             }
 
-            // Test if possible to decvrypt one key
-            // Get one item
-            $record = DB::queryFirstRow(
-                'SELECT id, pw
-                FROM ' . prefixTable('items') . '
-                WHERE perso = 0'
-            );
-
-            // Get itemKey from current user
+            // Get one itemKey from current user
             $currentUserKey = DB::queryFirstRow(
                 'SELECT share_key, increment_id
                 FROM ' . prefixTable('sharekeys_items') . '
-                WHERE object_id = %i AND user_id = %i',
-                $record['id'],
+                WHERE user_id = %i
+                LIMIT 1',
                 $post_user_id
             );
 
-            if (count($currentUserKey) > 0) {
+            if (is_countable($currentUserKey) && count($currentUserKey) > 0) {
                 // Decrypt itemkey with user key
                 // use old password to decrypt private_key
                 $itemKey = decryptUserObjectKey($currentUserKey['share_key'], $privateKey);