diff --git a/mRemoteNGTests/Config/Serializers/ConnectionSerializers/Xml/XmlRootNodeSerializerTests.cs b/mRemoteNGTests/Config/Serializers/ConnectionSerializers/Xml/XmlRootNodeSerializerTests.cs
index 9ad944a22..751dd3711 100644
--- a/mRemoteNGTests/Config/Serializers/ConnectionSerializers/Xml/XmlRootNodeSerializerTests.cs
+++ b/mRemoteNGTests/Config/Serializers/ConnectionSerializers/Xml/XmlRootNodeSerializerTests.cs
@@ -97,6 +97,36 @@ public class XmlRootNodeSerializerTests
         Assert.That(attributeValuePlainText, Is.EqualTo(expectedPlainText));
     }
 
+    [Test]
+    public void ProtectedStringSerializedWhenPasswordPropertySetDirectly()
+    {
+        // Simulate edge case where Password property is set to true directly
+        // without setting PasswordString (leaving _customPassword empty)
+        _rootNodeInfo.Password = true;
+        var element = _rootNodeSerializer.SerializeRootNodeInfo(_rootNodeInfo, _cryptographyProvider, _version);
+        var attributeValue = element.Attribute(XName.Get("Protected"))?.Value;
+        // Should use default password and serialize as "ThisIsNotProtected"
+        var attributeValuePlainText =
+            _cryptographyProvider.Decrypt(attributeValue, _rootNodeInfo.PasswordString.ConvertToSecureString());
+        Assert.That(attributeValuePlainText, Is.EqualTo("ThisIsNotProtected"));
+    }
+
+    [Test]
+    public void FullFileEncryptionWorksWithPasswordPropertySetDirectly()
+    {
+        // Simulate edge case where Password property is set to true directly
+        // This should not cause encryption to fail
+        _rootNodeInfo.Password = true;
+        var element = _rootNodeSerializer.SerializeRootNodeInfo(_rootNodeInfo, _cryptographyProvider, _version, fullFileEncryption: true);
+        var fullFileEncryptionValue = element.Attribute(XName.Get("FullFileEncryption"))?.Value;
+        Assert.That(bool.Parse(fullFileEncryptionValue), Is.True);
+        // Verify Protected attribute can be decrypted successfully
+        var protectedValue = element.Attribute(XName.Get("Protected"))?.Value;
+        Assert.That(protectedValue, Is.Not.Null.And.Not.Empty);
+        var decryptedProtected = _cryptographyProvider.Decrypt(protectedValue, _rootNodeInfo.PasswordString.ConvertToSecureString());
+        Assert.That(decryptedProtected, Is.EqualTo("ThisIsNotProtected"));
+    }
+
     [Test]
     public void ConfVersionSerialized()
     {