diff --git a/server/internal/api/v1/auth/routes.go b/server/internal/api/v1/auth/routes.go
index 0ebe411e..97cb7a96 100644
--- a/server/internal/api/v1/auth/routes.go
+++ b/server/internal/api/v1/auth/routes.go
@@ -241,6 +241,9 @@ func loginAndSendResponse(c *gin.Context, loginFn func(db.TxHandler) (auth.Auth,
 			if errors.Is(err, auth.ErrTokenInvalid) {
 				return core.NewError(http.StatusUnauthorized, "token_invalid", "token invalid")
 			}
+			if e, ok := err.(*auth.PasswordRequirementsError); ok {
+				panic(core.NewError(http.StatusBadRequest, "new_password_invalid", e.Error()))
+			}
 			return err
 		} else if r, err := user.Bootstrap(c.Request.Context(), a, 0); err != nil {
 			return err