diff --git a/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php b/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
index ce997d1701600..6ac27ee3aa53f 100644
--- a/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
@@ -56,10 +56,8 @@ public function beforeController(Controller $controller, string $methodName) {
 		$backendClassName = '';
 		if ($user !== null) {
 			$backend = $user->getBackend();
-			if ($backend instanceof IPasswordConfirmationBackend) {
-				if (!$backend->canConfirmPassword($user->getUID())) {
-					return;
-				}
+			if ($backend instanceof IPasswordConfirmationBackend && !$backend->canConfirmPassword($user->getUID())) {
+				return;
 			}
 
 			$backendClassName = $user->getBackendClassName();
@@ -74,7 +72,7 @@ public function beforeController(Controller $controller, string $methodName) {
 		}
 
 		$scope = $token->getScopeAsArray();
-		if (isset($scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION]) && $scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION] === true) {
+		if (($scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION] ?? false) === true) {
 			// Users logging in from SSO backends cannot confirm their password by design
 			return;
 		}