diff --git a/datamodels/2.x/authent-local/model.authent-local.php b/datamodels/2.x/authent-local/model.authent-local.php
index 82722d96d..9b3b6772d 100755
--- a/datamodels/2.x/authent-local/model.authent-local.php
+++ b/datamodels/2.x/authent-local/model.authent-local.php
@@ -177,8 +177,20 @@ class UserLocal extends UserInternal
 
 	protected function OnUpdate()
 	{
-		parent::OnUpdate(); // TODO: Change the autogenerated stub
+		parent::OnUpdate();
 
+		$this->OnWrite();
+	}
+
+	protected function OnInsert()
+	{
+		parent::OnInsert();
+
+		$this->OnWrite();
+	}
+
+	protected function OnWrite()
+	{
 		if (empty($this->m_oPasswordValidity))
 		{
 			return;
@@ -204,6 +216,7 @@ class UserLocal extends UserInternal
 		return (empty($this->m_oPasswordValidity)) || ($this->m_oPasswordValidity->isPasswordValid());
 	}
 
+
 	public function getPasswordValidityMessage()
 	{
 		if (ContextTag::Check(ContextTag::TAG_SETUP))
@@ -220,7 +233,6 @@ class UserLocal extends UserInternal
 		return $this->m_oPasswordValidity->getPasswordValidityMessage();
 	}
 
-
 	/**
 	 * set the $m_oPasswordValidity based on UserLocalPasswordValidator instances vote.
 	 *
@@ -281,7 +293,7 @@ class UserLocal extends UserInternal
 		{
 			if (strpos('contactid,login,language,password,status,profile_list,allowed_org_list', $sAttCode) !== false)
 			{
-				// contactid and allowed_org_list are disabled to make sure the portal remains accessible 
+				// contactid and allowed_org_list are disabled to make sure the portal remains accessible
 				$aReasons[] = 'Sorry, this attribute is read-only in the demonstration mode!';
 				$iFlags |= OPT_ATT_READONLY;
 			}
diff --git a/test/coreExtensions/UserLocalTest.php b/test/coreExtensions/UserLocalTest.php
index 3d166d4ef..b05ba6be3 100644
--- a/test/coreExtensions/UserLocalTest.php
+++ b/test/coreExtensions/UserLocalTest.php
@@ -8,6 +8,7 @@
 namespace coreExtensions;
 
 
+use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
 use Combodo\iTop\Test\UnitTest\ItopTestCase;
 use UserLocal;
 use UserLocalPasswordPolicyMockNotValid;
@@ -24,7 +25,7 @@ use UserPasswordPolicyRegex;
  * @preserveGlobalState disabled
  * @backupGlobals disabled
  */
-class UserLocalTest extends ItopTestCase
+class UserLocalTest extends ItopDataTestCase
 {
 
 	public function setUp()
@@ -274,11 +275,30 @@ class UserLocalTest extends ItopTestCase
 			\MetaModel::NewObject('URP_UserProfile', array('profileid' => 1))
 		);
 
+
 		$this->assertEquals($oBefore, $oUserLocal->Get('password_renewed_date'));
 
-		$oUserLocal->Set('password', 'foo');
+		//INSERT
+		$oUserLocal->Set('password', 'fooBar1???');
+		$oUserLocal->DBWrite();
+		$this->assertEquals($oBefore, $oUserLocal->Get('password_renewed_date'), 'INSERT changes the "password_renewed_date"');
 
-		$this->assertEquals($oExpectedAfter, $oUserLocal->Get('password_renewed_date'));
+		//UPDATE password_renewed_date
+		$oUserLocal->Set('password_renewed_date', $oBefore);
+		$oUserLocal->DBWrite();
+		$this->assertEquals($oBefore, $oUserLocal->Get('password_renewed_date'), 'UPDATE can target and change the "password_renewed_date"');
+
+		//UPDATE password
+		$oUserLocal->Set('password', 'fooBar1???1');
+		$oUserLocal->DBWrite();
+		$this->assertEquals($oExpectedAfter, $oUserLocal->Get('password_renewed_date'), 'UPDATE "password" fields trigger automatic change of the  "password_renewed_date" field');
+
+
+		//UPDATE both password & password_renewed_date
+		$oUserLocal->Set('password', 'fooBar1???2');
+		$oUserLocal->Set('password_renewed_date', $oBefore);
+		$oUserLocal->DBWrite();
+		$this->assertEquals($oBefore, $oUserLocal->Get('password_renewed_date'), 'UPDATE can target and change both "password" and "password_renewed_date"');
 	}
 
 	public function ProviderPasswordRenewal()