diff --git a/account/newuser.in b/account/newuser.in
index 4525fb6acffc936f659f71da774bedc35bb11411..2a0617495fadcf4bd660416db135b64e5ef20538 100644
--- a/account/newuser.in
+++ b/account/newuser.in
@@ -1,7 +1,7 @@
 #!/usr/bin/perl -wT
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2007 University of Utah and the Flux Group.
+# Copyright (c) 2000-2008 University of Utah and the Flux Group.
 # All rights reserved.
 #
 use English;
@@ -274,23 +274,29 @@ UserError("Email address already in use; please pick another!")
 # Check the password.
 #
 my $pswd = $xmlparse->{'attribute'}->{'password'}->{'value'};
-	
-my $checkpass_args = escapeshellarg($pswd);
-$checkpass_args   .= " " .
-    (exists($newuser_args{'uid'}) ? $newuser_args{'uid'} : "ignored");
-$checkpass_args   .= escapeshellarg($newuser_args{'usr_name'} . ":" .
-				    $newuser_args{'usr_email'});
+
+# Admins can "star" the password entry.
+if ($this_user->IsAdmin() && $pswd eq "*") {
+    $newuser_args{'usr_pswd'} = "*";
+}
+else {
+    my $checkpass_args = escapeshellarg($pswd);
+    $checkpass_args   .= " " .
+	(exists($newuser_args{'uid'}) ? $newuser_args{'uid'} : "ignored");
+    $checkpass_args   .= escapeshellarg($newuser_args{'usr_name'} . ":" .
+					$newuser_args{'usr_email'});
     
-my $pwokay = `$checkpass $checkpass_args`;
-if ($?) {
-    chomp($pwokay);
+    my $pwokay = `$checkpass $checkpass_args`;
+    if ($?) {
+	chomp($pwokay);
     
-    if (! ($pwokay =~ /^ok$/)) {
-	UserError("$pwokay");
+	if (! ($pwokay =~ /^ok$/)) {
+	    UserError("$pwokay");
+	}
+	fatal("Checkpass failed with $?");
     }
-    fatal("Checkpass failed with $?");
+    $newuser_args{'usr_pswd'} = crypt($pswd, "\$1\$" . substr(time(), 0, 8));
 }
-$newuser_args{'usr_pswd'} = crypt($pswd, "\$1\$" . substr(time(), 0, 8));
 
 #
 # Do a check on the pubkey if supplied. The safest thing to do is generate