diff --git a/auth_saml/models/ir_config_parameter.py b/auth_saml/models/ir_config_parameter.py
index 9fb503afac..dd8677d0fa 100644
--- a/auth_saml/models/ir_config_parameter.py
+++ b/auth_saml/models/ir_config_parameter.py
@@ -27,3 +27,13 @@ def write(self, vals):
         if self.filtered(lambda param: param.key == ALLOW_SAML_UID_AND_PASSWORD):
             self.env["res.users"].allow_saml_and_password_changed()
         return result
+
+    def unlink(self):
+        """Redefined to update users when our parameter is deleted."""
+        param_saml = self.filtered(
+            lambda param: param.key == ALLOW_SAML_UID_AND_PASSWORD
+        )
+        result = super().unlink()
+        if result and param_saml:
+            self.env["res.users"].allow_saml_and_password_changed()
+        return result
diff --git a/auth_saml/tests/test_pysaml.py b/auth_saml/tests/test_pysaml.py
index d49e995d8a..e7263f71f9 100644
--- a/auth_saml/tests/test_pysaml.py
+++ b/auth_saml/tests/test_pysaml.py
@@ -179,7 +179,7 @@ def test_login_with_saml(self):
         # User should now be able to log in with the token
         self.authenticate(user="test@example.com", password=token)
 
-    def test_disallow_user_password_when_changing_setting(self):
+    def test_disallow_user_password_when_changing_ir_config_parameter(self):
         """Test that disabling users from having both a password and SAML ids remove
         users password."""
         # change the option
@@ -273,3 +273,26 @@ def test_disallow_user_admin_can_have_password(self):
         ).value = "False"
         # Test base.user_admin exception
         self.env.ref("base.user_admin").password = "nNRST4j*->sEatNGg._!"
+
+    def test_disallow_user_password_when_changing_settings(self):
+        """Test that disabling the setting will remove passwords from related users"""
+        # We activate the settings to allow password login
+        self.env["res.config.settings"].create(
+            {
+                "allow_saml_uid_and_internal_password": True,
+            }
+        ).execute()
+
+        # Test the user can login with the password
+        self.authenticate(user="user@example.com", password="NesTNSte9340D720te>/-A")
+
+        self.env["res.config.settings"].create(
+            {
+                "allow_saml_uid_and_internal_password": False,
+            }
+        ).execute()
+
+        with self.assertRaises(AccessDenied):
+            self.authenticate(
+                user="user@example.com", password="NesTNSte9340D720te>/-A"
+            )