diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 0d3aba9..fea7662 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -299,7 +299,7 @@ int LDAPManager::bind(TQString* errstr) {
 			if (!m_creds) {
 				m_creds = new LDAPCredentials();
 				m_creds->username = passdlg.m_base->ldapAdminUsername->text();
-				m_creds->password = passdlg.m_base->ldapAdminPassword->password().utf8();
+				m_creds->password = passdlg.m_base->ldapAdminPassword->password();
 				m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
 				m_creds->use_tls = passdlg.m_base->ldapUseTLS->isOn();
 				m_creds->use_gssapi = passdlg.use_gssapi;
@@ -349,7 +349,7 @@ int LDAPManager::bind(TQString* errstr) {
 		char* mechanism = NULL;
 		struct berval cred;
 		TQString ldap_dn = m_creds->username;
-		TQCString pass = m_creds->password;
+		TQCString pass = m_creds->password.utf8();
 		cred.bv_val = pass.data();
 		cred.bv_len = pass.length();
 		if ((!using_ldapi && !m_creds->use_gssapi)) {
@@ -1353,7 +1353,9 @@ int LDAPManager::bindKAdmin(LDAPCredentials *administrativeCredentials, TQString
 		}
 		else {
 			// Password authentication / bind
- 			krb5adm_ret = kadm5_init_with_password_ctx(m_krb5admContext, adminPrincipal.ascii(), admincreds.password.data(), KADM5_ADMIN_SERVICE, &params, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &m_krb5admHandle);
+ 			krb5adm_ret = kadm5_init_with_password_ctx(m_krb5admContext, adminPrincipal.ascii(),
+ 			 		admincreds.password.utf8().data(), KADM5_ADMIN_SERVICE, &params,
+ 			 		KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &m_krb5admHandle);
 			if (krb5adm_ret) {
 				if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute kadm5_init_with_password (code %2)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(krb5adm_ret);
 			}
@@ -1409,7 +1411,7 @@ int LDAPManager::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
 			if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute krb5_parse_name for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret);
 		}
 		else {
-			krb5adm_ret = kadm5_chpass_principal(m_krb5admHandle, user_kadm5_principal, user.new_password.data());
+			krb5adm_ret = kadm5_chpass_principal(m_krb5admHandle, user_kadm5_principal, user.new_password.utf8().data());
 			if (krb5adm_ret) {
 				if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute kadm5_chpass_principal for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret);
 			}
@@ -1699,7 +1701,7 @@ int LDAPManager::getKerberosPassword(LDAPCredentials &creds, TQString prompt, bo
 	const int ret = passdlg.exec();
 	if (ret == KDialog::Accepted) {
 		creds.username = passdlg.m_base->ldapAdminUsername->text();
-		creds.password = passdlg.m_base->ldapAdminPassword->password().utf8();
+		creds.password = passdlg.m_base->ldapAdminPassword->password();
 		creds.realm = passdlg.m_base->ldapAdminRealm->currentText();
 		creds.service = passdlg.m_base->kerberosServicePrincipal->text();
 		creds.use_tls = passdlg.m_base->ldapUseTLS->isOn();
@@ -1786,14 +1788,14 @@ int LDAPManager::obtainKerberosTicket(LDAPCredentials creds, TQString principal,
 			TQString password;
 			int result = KPasswordDialog::getPassword(password, prompt);
 			if (result == KPasswordDialog::Accepted) {
-				creds.password = password.utf8();
+				creds.password = password;
 			}
 			else {
 				return 0;
 			}
 		}
 		kinitProc.enableLocalEcho(false);
-		kinitProc.writeLine(creds.password, true);
+		kinitProc.writeLine(creds.password.utf8(), true);
 		do { // Discard our own input
 			prompt = readFullLineFromPtyProcess(&kinitProc);
 			printf("(kinit) '%s'\n", prompt.ascii());
@@ -3646,7 +3648,7 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl
 				passdlg.m_base->ldapAdminUsername->setEnabled(false);
 				passdlg.m_base->ldapAdminUsername->setText(replicationinfo.syncDN);
 				if (passdlg.exec() == TQDialog::Accepted) {
-					replicationinfo.syncPassword = passdlg.m_base->ldapAdminPassword->password().utf8();
+					replicationinfo.syncPassword = passdlg.m_base->ldapAdminPassword->password();
 				}
 			}
 
@@ -5538,7 +5540,8 @@ bool LDAPManager::pkcsLoginEnabled() {
 	return enabled;
 }
 
-int LDAPManager::bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+int LDAPManager::bondRealm(const TQString &adminUserName, const TQString &adminPassword,
+				const TQString &adminRealm, TQString *errstr) {
 	LDAPCredentials admincreds;
 	admincreds.username = adminUserName;
 	admincreds.password = adminPassword;
@@ -5566,7 +5569,8 @@ int LDAPManager::bondRealm(TQString adminUserName, const char * adminPassword, T
 	return retcode;
 }
 
-int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName,
+					const TQString &adminPassword, const TQString &adminRealm, TQString *errstr) {
 	Q_UNUSED(realmcfg);
 
 	LDAPCredentials admincreds;
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index 9121c45..e75d94d 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -176,7 +176,7 @@ class LDAPCredentials
 
 	public:
 		TQString username;
-		TQCString password;
+		TQString password;
 		TQString realm;
 		bool use_tls;
 		bool use_gssapi;
@@ -292,7 +292,7 @@ class LDAPUserInfo
 		gid_t primary_gid;
 		bool tde_builtin_account;
 		LDAPKRB5Flags status;			// Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT]
-		TQCString new_password;
+		TQString new_password;
 		TQDateTime account_created;
 		TQDateTime account_modified;
 		TQDateTime password_last_changed;
@@ -450,7 +450,7 @@ class LDAPMasterReplicationInfo
 		int timeout;
 		int syncMethod;
 		TQString syncDN;
-		TQCString syncPassword;
+		TQString syncPassword;
 		TQString certificateFile;
 		TQString caCertificateFile;
 		bool ignore_ssl_failure;
@@ -589,8 +589,10 @@ class LDAPManager : public TQObject {
 		static int writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr=0);
 		static bool pkcsLoginEnabled();
 
-		static int bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
-		static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
+		static int bondRealm(const TQString &adminUserName, const TQString &adminPassword,
+					const TQString &adminRealm, TQString *errstr=0);
+		static int unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName,
+					const TQString &adminPassword, const TQString &adminRealm, TQString *errstr=0);
 
 	private:
 		int bindKAdmin(LDAPCredentials *administrativeCredentials=NULL, TQString *errstr=0);