diff --git a/passwd.c b/passwd.c
index 809c931..5d7a9d1 100644
--- a/passwd.c
+++ b/passwd.c
@@ -18,6 +18,7 @@
 
 /** Utility for setting new password **/
 
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -55,7 +56,25 @@ static char *read_password(const char *prompt) {
     return password;
 }
 
-int main(void) {
+static int main_remove_password(void) {
+    int ret = EXIT_FAILURE;
+
+    if (termux_remove_passwd()) {
+        puts("Password login successfully disabled.");
+        ret = EXIT_SUCCESS;
+    } else {
+        if (errno == EISDIR) {
+            printf("Unexpectedly found directory where hashed password should be ("
+                   AUTH_HASH_FILE_PATH
+                   "), ignoring\n");
+        }
+        puts("Failed to disable password login.");
+    }
+
+    return ret;
+}
+
+static int main_set_password(void) {
     char *password;
     char *password_confirmation;
     int ret = EXIT_FAILURE;
@@ -93,5 +112,22 @@ int main(void) {
     free(password);
     free(password_confirmation);
 
-    return EXIT_SUCCESS;
+    return ret;
+}
+
+int main(int argc, char **argv) {
+    switch (argc) {
+    case 1:
+        return main_set_password();
+    case 2:
+        if (strcmp(argv[1], "-d") == 0 || strcmp(argv[1], "-l") == 0) {
+            return main_remove_password();
+        }
+        // otherwise, fall through
+    default:
+        fprintf(stderr,
+                "Run %s without args to set a password. Pass option -d to disable authentication credentials (lock account).\n",
+                argv[0]);
+        return EXIT_FAILURE;
+    }
 }
diff --git a/termux-auth.c b/termux-auth.c
index 281882a..863e049 100644
--- a/termux-auth.c
+++ b/termux-auth.c
@@ -22,6 +22,7 @@
 #include <string.h>
 #include <termios.h>
 #include <unistd.h>
+#include <errno.h>
 
 #include <openssl/sha.h>
 #include <openssl/evp.h>
@@ -89,6 +90,14 @@ bool termux_change_passwd(const char *new_password) {
     return is_password_changed;
 }
 
+// Remove file that stores password hash
+// Return true on success, false otherwise.
+bool termux_remove_passwd(void) {
+    int n = unlink(AUTH_HASH_FILE_PATH);
+
+    return n == 0 || errno == ENOENT;
+}
+
 // Check validity of password (user name is ignored).
 // Return true if password is ok, otherwise return false.
 bool termux_auth(const char *user, const char *password) {
diff --git a/termux-auth.h b/termux-auth.h
index bee3ba1..43c48ab 100644
--- a/termux-auth.h
+++ b/termux-auth.h
@@ -27,6 +27,10 @@ unsigned char *termux_passwd_hash(const char *password);
 // Return true on success, false otherwise.
 bool termux_change_passwd(const char *new_password);
 
+// Remove file that stores password hash
+// Return true on success, false otherwise.
+bool termux_remove_passwd(void);
+
 // Check validity of password (user name is ignored).
 // Return true if password is ok, otherwise return false.
 bool termux_auth(const char *user, const char *password);