diff --git a/mysql-test/suite/plugins/r/parsec.result b/mysql-test/suite/plugins/r/parsec.result
index 98b67c4d09d..a7472d0e666 100644
--- a/mysql-test/suite/plugins/r/parsec.result
+++ b/mysql-test/suite/plugins/r/parsec.result
@@ -28,3 +28,18 @@ test.have_ssl()
 yes
 drop function have_ssl;
 drop user test1@'%';
+# MDEV-34854 Parsec sends garbage when using an empty password
+create user test2@'%' identified via parsec using PASSWORD('');
+show grants for test2@'%';
+Grants for test2@%
+GRANT USAGE ON *.* TO `test2`@`%` IDENTIFIED VIA parsec USING 'P0:salt:password'
+connect con4, localhost, test2,;
+select 4, USER(), CURRENT_USER();
+4	USER()	CURRENT_USER()
+4	test2@localhost	test2@%
+disconnect con4;
+connect(localhost,test2,wrong_pwd,test,MASTER_MYPORT,MASTER_MYSOCK);
+connect con5, localhost, test2, "wrong_pwd";
+ERROR 28000: Access denied for user 'test2'@'localhost' (using password: NO)
+connection default;
+drop user test2@'%';
diff --git a/mysql-test/suite/plugins/t/parsec.test b/mysql-test/suite/plugins/t/parsec.test
index 25db07bcbe4..f021b1d1007 100644
--- a/mysql-test/suite/plugins/t/parsec.test
+++ b/mysql-test/suite/plugins/t/parsec.test
@@ -43,3 +43,18 @@ if ($MTR_COMBINATION_WIN) {
 
 drop function have_ssl;
 drop user test1@'%';
+
+
+--echo # MDEV-34854 Parsec sends garbage when using an empty password
+create user test2@'%' identified via parsec using PASSWORD('');
+--replace_regex /:[A-Za-z0-9+\/]{43}'/:password'/ /:[A-Za-z0-9+\/]{24}:/:salt:/
+show grants for test2@'%';
+connect con4, localhost, test2,;
+select 4, USER(), CURRENT_USER();
+disconnect con4;
+
+--replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT
+--error ER_ACCESS_DENIED_ERROR
+connect con5, localhost, test2, "wrong_pwd";
+connection default;
+drop user test2@'%';
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 3dd23923558..96886fb0175 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -2401,7 +2401,8 @@ static int set_user_auth(THD *thd, const LEX_CSTRING &user,
     res= ER_NOT_VALID_PASSWORD;
     goto end;
   }
-  if (pwtext.length)
+
+  if (!auth->auth_string.length)
   {
     if (info->hash_password)
     {
@@ -2416,7 +2417,7 @@ static int set_user_auth(THD *thd, const LEX_CSTRING &user,
       auth->auth_string.str= (char*)memdup_root(&acl_memroot, buf, len+1);
       auth->auth_string.length= len;
     }
-    else
+    else if (pwtext.length)
     {
       res= ER_SET_PASSWORD_AUTH_PLUGIN;
       goto end;