diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
index a6c56c18c4126ed07665587dd5df798aff6f5c6d..aa80a7419274675aca83b342f1684df3672fd9c3 100644
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
@@ -154,10 +154,10 @@ class KeycloakUserRemoteService {
 		return StringUtils.isEmpty(userPassword) ? generateRandomPasswordForKeycloak() : userPassword;
 	}
 
-	private String generateRandomPasswordForKeycloak() {
+	String generateRandomPasswordForKeycloak() {
 		log.log(Level.INFO, "Generate password...");
-		var upperCaseCharacter = RandomStringUtils.random(1).toUpperCase();
-		var randomString = RandomStringUtils.random(7);
+		var upperCaseCharacter = RandomStringUtils.randomAlphabetic(1).toUpperCase();
+		var randomString = RandomStringUtils.randomAlphanumeric(7);
 		log.log(Level.INFO, "Password generated: " + (upperCaseCharacter + randomString));
 		return upperCaseCharacter + randomString;
 	}
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
index 12b7fce2824570adf3867e619ca50c981d620fce..2bc3183ce09849316e3a298e0aaea33e504d2ac0 100644
--- a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
@@ -420,11 +420,35 @@ class KeycloakUserRemoteServiceTest {
 
 		@Test
 		void shouldGeneratePasswordIfNotExists() {
-			var password = userRemoteService.getPassword(StringUtils.EMPTY);
+			userRemoteService.getPassword(StringUtils.EMPTY);
 
-			assertThat(password).isNotEmpty();
-			assertThat(StringUtils.substring(password, 0, 1)).isUpperCase();
-			assertThat(StringUtils.substring(password, 1, password.length())).isUpperCase();
+			verify(userRemoteService).generateRandomPasswordForKeycloak();
+		}
+
+		@DisplayName("generate random password for keycloak")
+		@Nested
+		class TestGenerateRandomPasswordForKeycloak {
+
+			@Test
+			void shouldHaveSize() {
+				var password = userRemoteService.getPassword(StringUtils.EMPTY);
+
+				assertThat(password).hasSize(8);
+			}
+
+			@Test
+			void shouldHaveUpperCaseLetterAtFirst() {
+				var password = userRemoteService.getPassword(StringUtils.EMPTY);
+
+				assertThat(StringUtils.substring(password, 0, 1)).isUpperCase();
+			}
+
+			@Test
+			void shouldContainsAlphanumericOnly() {
+				var password = userRemoteService.getPassword(StringUtils.EMPTY);
+
+				assertThat(password).isAlphanumeric();
+			}
 		}
 	}