diff --git a/settings.json.template b/settings.json.template
index 38e826792..5868af6a3 100644
--- a/settings.json.template
+++ b/settings.json.template
@@ -59,6 +59,9 @@
 
   /* Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. */
   "editOnly" : false,
+
+  /* Users, who have a valid session, automatically get granted access to password protected pads */
+  "sessionNoPassword" : false,
   
   /* if true, all css & js will be minified before sending to the client. This will improve the loading performance massivly, 
      but makes it impossible to debug the javascript/css */
diff --git a/src/node/db/SecurityManager.js b/src/node/db/SecurityManager.js
index 6388f096f..df3c38267 100644
--- a/src/node/db/SecurityManager.js
+++ b/src/node/db/SecurityManager.js
@@ -223,6 +223,12 @@ exports.checkAccess = function (padID, sessionCookie, token, password, callback)
           //--> grant access
           statusObject = {accessStatus: "grant", authorID: sessionAuthor};
         }
+        //- the setting to bypass password validation is set
+        else if(settings.sessionNoPassword)
+        {
+          //--> grant access
+          statusObject = {accessStatus: "grant", authorID: sessionAuthor};
+        }
         //- the pad is password protected and password is correct
         else if(isPasswordProtected && passwordStatus == "correct")
         {
diff --git a/src/node/utils/Settings.js b/src/node/utils/Settings.js
index 4c6b7ea40..8b17a6d34 100644
--- a/src/node/utils/Settings.js
+++ b/src/node/utils/Settings.js
@@ -109,6 +109,11 @@ exports.requireSession = false;
  */
 exports.editOnly = false;
 
+/**
+ * A flag that bypasses password prompts for users with valid sessions
+ */
+exports.sessionNoPassword = false;
+
 /**
  * Max age that responses will have (affects caching layer).
  */