diff --git a/tests/hwsim/auth_serv/eap_user.conf b/tests/hwsim/auth_serv/eap_user.conf
index 102d0f36f..6ef5470a1 100644
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@@ -1,4 +1,5 @@
 "pwd user"	PWD	"secret password"
+"pwd-hash"	PWD	hash:e3718ece8ab74792cbbfffd316d2d19a
 "pwd.user@test123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890.example.com"	PWD	"secret password"
 "gpsk user"	GPSK	"abcdefghijklmnop0123456789abcdef"
 "sake user"	SAKE	0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index afc89c921..7ce9a2610 100644
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -1759,6 +1759,18 @@ def test_ap_wpa2_eap_pwd(dev, apdev):
                 password="secret password",
                 fragment_size="31")
 
+def test_ap_wpa2_eap_pwd_nthash(dev, apdev):
+    """WPA2-Enterprise connection using EAP-pwd and NTHash"""
+    check_eap_capa(dev[0], "PWD")
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hostapd.add_ap(apdev[0]['ifname'], params)
+    eap_connect(dev[0], apdev[0], "PWD", "pwd-hash", password="secret password")
+    eap_connect(dev[1], apdev[0], "PWD", "pwd-hash",
+                password_hex="hash:e3718ece8ab74792cbbfffd316d2d19a")
+    eap_connect(dev[2], apdev[0], "PWD", "pwd user",
+                password_hex="hash:e3718ece8ab74792cbbfffd316d2d19a",
+                expect_failure=True, local_error_report=True)
+
 def test_ap_wpa2_eap_pwd_groups(dev, apdev):
     """WPA2-Enterprise connection using various EAP-pwd groups"""
     check_eap_capa(dev[0], "PWD")