diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 10c14d5a4a8a4..c5e47d6633e00 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -52,6 +52,7 @@
 #include "sql_db.h"
 #include "sql_array.h"
 #include "sql_hset.h"
+#include "password.h"
 
 #include "sql_plugin_compat.h"
 
@@ -950,7 +951,7 @@ static bool fix_user_plugin_ptr(ACL_USER *user)
      username IDENTIFIED VIA mysql_native_password USING xxx
      etc
 */
-static bool fix_lex_user(LEX_USER *user)
+static bool fix_lex_user(THD *thd, LEX_USER *user)
 {
   size_t check_length;
 
@@ -976,6 +977,30 @@ static bool fix_lex_user(LEX_USER *user)
     return true;
   }
 
+  if (user->password.length)
+  {
+    size_t scramble_length;
+    void (*make_scramble)(char *, const char *, size_t);
+
+    if (thd->variables.old_passwords == 1)
+    {
+      scramble_length= SCRAMBLED_PASSWORD_CHAR_LENGTH_323;
+      make_scramble= my_make_scrambled_password_323;
+    }
+    else
+    {
+      scramble_length= SCRAMBLED_PASSWORD_CHAR_LENGTH;
+      make_scramble= my_make_scrambled_password;
+    }
+
+    char *buff= (char *) thd->alloc(scramble_length + 1);
+    if (buff == NULL)
+      return true;
+    make_scramble(buff, user->password.str, user->password.length);
+    user->auth.str= buff;
+    user->auth.length= scramble_length;
+  }
+
   user->password= user->auth.length ? user->auth : null_lex_str;
   user->plugin= empty_lex_str;
   user->auth= empty_lex_str;
@@ -5609,7 +5634,7 @@ static bool has_auth(LEX_USER *user, LEX *lex)
 
 static bool copy_and_check_auth(LEX_USER *to, LEX_USER *from, THD *thd)
 {
-  if (fix_lex_user(from))
+  if (fix_lex_user(thd, from))
     return true;
 
   if (to != from)
@@ -9308,7 +9333,7 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
     if (!user_name->host.str)
       user_name->host= host_not_specified;
 
-    if (fix_lex_user(user_name))
+    if (fix_lex_user(thd, user_name))
     {
       append_user(thd, &wrong_users, user_name);
       result= TRUE;
diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
index d693c36177e49..367b05d7b03f2 100644
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -40,7 +40,6 @@
 #include "sql_table.h"                        /* primary_key_name */
 #include "sql_partition.h"  /* mem_alloc_error, partition_info, HASH_PARTITION */
 #include "sql_acl.h"                          /* *_ACL */
-#include "password.h"       /* my_make_scrambled_password_323, my_make_scrambled_password */
 #include "sql_class.h"      /* Key_part_spec, enum_filetype, Diag_condition_item_name */
 #include "slave.h"
 #include "lex_symbol.h"
@@ -15525,29 +15524,6 @@ grant_user:
             $$=$1; $1->password=$4;
             if (Lex->sql_command == SQLCOM_REVOKE)
               MYSQL_YYABORT;
-            if ($4.length)
-            {
-              if (thd->variables.old_passwords == 1)
-              {
-                char *buff= 
-                  (char *) thd->alloc(SCRAMBLED_PASSWORD_CHAR_LENGTH_323+1);
-                if (buff == NULL)
-                  MYSQL_YYABORT;
-                my_make_scrambled_password_323(buff, $4.str, $4.length);
-                $1->auth.str= buff;
-                $1->auth.length= SCRAMBLED_PASSWORD_CHAR_LENGTH_323;
-              }
-              else
-              {
-                char *buff= 
-                  (char *) thd->alloc(SCRAMBLED_PASSWORD_CHAR_LENGTH+1);
-                if (buff == NULL)
-                  MYSQL_YYABORT;
-                my_make_scrambled_password(buff, $4.str, $4.length);
-                $1->auth.str= buff;
-                $1->auth.length= SCRAMBLED_PASSWORD_CHAR_LENGTH;
-              }
-            }
           }
         | user IDENTIFIED_SYM BY PASSWORD TEXT_STRING
           {