diff --git a/core/admin/mailu/models.py b/core/admin/mailu/models.py
index 57c82c6b..4f878bf7 100644
--- a/core/admin/mailu/models.py
+++ b/core/admin/mailu/models.py
@@ -637,7 +637,7 @@ in clear-text regardless of the presence of the cache.
 set() containing the sessions to keep
         """
         self.password = password if raw else User.get_password_context().hash(password)
-        if keep_sessions is not True:
+        if keep_sessions is not True and self.email is not None:
             utils.MailuSessionExtension.prune_sessions(uid=self.email, keep=keep_sessions)
 
     def get_managed_domains(self):
diff --git a/towncrier/newsfragments/3411.bugfix b/towncrier/newsfragments/3411.bugfix
new file mode 100644
index 00000000..3b1e80ed
--- /dev/null
+++ b/towncrier/newsfragments/3411.bugfix
@@ -0,0 +1 @@
+Ensure we do not nuke all web-sessions when a password is changed using the command line