diff --git a/lib/Controller/DocumentAPIController.php b/lib/Controller/DocumentAPIController.php
index e26253d633..f8e69cfeb3 100644
--- a/lib/Controller/DocumentAPIController.php
+++ b/lib/Controller/DocumentAPIController.php
@@ -65,9 +65,11 @@ public function create(string $mimeType, string $fileName, string $directoryPath
 $share = $this->shareManager->getShareByToken($shareToken);
 if ($share->getPassword()) {
- if (!$this->session->exists('public_link_authenticated')
- || $this->session->get('public_link_authenticated') !== (string)$share->getId()
- ) {
+ $authenticatedLinks = $this->session->get('public_link_authenticated');
+
+ $isAuthenticated = (is_array($authenticatedLinks) && in_array($share->getId(), $authenticatedLinks));
+ $isAuthenticated = $isAuthenticated || ($authenticatedLinks === (string)$share->getId());
+ if (!$isAuthenticated) {
 throw new Exception('Invalid password');
 }
 }
diff --git a/lib/Controller/DocumentController.php b/lib/Controller/DocumentController.php
index e4742bf4ae..89c9e08d77 100644
--- a/lib/Controller/DocumentController.php
+++ b/lib/Controller/DocumentController.php
@@ -242,9 +242,11 @@ public function remote(string $shareToken, string $remoteServer, string $remoteS
 $share = $this->shareManager->getShareByToken($shareToken);
 // not authenticated ?
 if ($share->getPassword()) {
- if (!$this->session->exists('public_link_authenticated')
- || $this->session->get('public_link_authenticated') !== (string)$share->getId()
- ) {
+ $authenticatedLinks = $this->session->get('public_link_authenticated');
+
+ $isAuthenticated = (is_array($authenticatedLinks) && in_array($share->getId(), $authenticatedLinks));
+ $isAuthenticated = $isAuthenticated || ($authenticatedLinks === (string)$share->getId());
+ if (!$isAuthenticated) {
 throw new Exception('Invalid password');
 }
 }
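Review bot: The new `in_array($share->getId(), $authenticatedLinks)` call in `create()` compares loosely, while the fallback on the next line uses `===` against `(string)$share->getId()`; the same pair of lines is repeated in `remote()` and in `getFileForShare()` in DocumentController.php. Under `==` semantics a stray `true` in the session array matches every share id, and on PHP 7 a non-numeric id matches an integer `0`, so this password gate should not depend on type juggling. The element type stored under `public_link_authenticated` is not visible in this diff, so normalise both sides and pass the strict flag, e.g. `in_array((string)$share->getId(), array_map('strval', $authenticatedLinks), true)`. The body of `create()` starts and ends outside the hunk.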
@@ -459,9 +461,12 @@ private function getFileForUser(int $fileId, ?string $path = null): File {
 private function getFileForShare(IShare $share, ?int $fileId, ?string $path = null): File {
 // not authenticated ?
 if ($share->getPassword()) {
- if (!$this->session->exists('public_link_authenticated')
- || $this->session->get('public_link_authenticated') !== (string)$share->getId()
- ) {
+ $authenticatedLinks = $this->session->get('public_link_authenticated');
+
+ $isAuthenticated = (is_array($authenticatedLinks) && in_array($share->getId(), $authenticatedLinks));
+ $isAuthenticated = $isAuthenticated || ($authenticatedLinks === (string)$share->getId());
+
+ if (!$isAuthenticated) {
 throw new NotPermittedException('Invalid password');
 }
 }
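Review bot: `getFileForShare()` now carries the third hand-copied version of the session check (the others are in `remote()` earlier in this file and in `create()` in DocumentAPIController.php), and the copies already differ in exception type and spacing. A password gate that lives in three places has to be patched in three places, as this commit shows; pulling it into one private predicate gives `remote()` and `getFileForShare()` a single path to test, and DocumentAPIController could reach the same logic through whatever shared base class or service the project prefers. The sketch below accepts both session shapes the new code handles (a list of ids or a single id string) and compares as strings with the strict flag, since the stored element type is not visible here. The body of `getFileForShare()` continues past the end of the hunk.

```php
private function getFileForShare(IShare $share, ?int $fileId, ?string $path = null): File {
	// not authenticated ?
	if ($share->getPassword() && !$this->isShareAuthenticated($share)) {
		throw new NotPermittedException('Invalid password');
	}
	// … unchanged: rest of getFileForShare …

/**
 * Whether this session has already passed the password check for the share.
 * The session value may be a list of share ids or a single id string.
 */
private function isShareAuthenticated(IShare $share): bool {
	$shareId = (string)$share->getId();
	$authenticatedLinks = $this->session->get('public_link_authenticated');
	if (is_array($authenticatedLinks)) {
		// Compare as strings so the result does not depend on loose type juggling.
		return in_array($shareId, array_map('strval', $authenticatedLinks), true);
	}
	return $authenticatedLinks === $shareId;
}
```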