--- a/perl/lib/Wallet/Object/File.pm
+++ b/perl/lib/Wallet/Object/File.pm
@@ -249,8 +249,9 @@ sub _file_crypt {
 return $return_string;
 }
 
-sub file_decrypt {
- my ($self, $data, $user, $host, $time) = @_;
+# Given a string decrypt it.
+sub string_decrypt {
+ my ($self, $data) = @_;
 my $key = $self->_get_crypt_key();
 my $undata;
 if (defined (&Wallet::Config::file_crypt)) {
@@ -264,6 +265,15 @@ sub file_decrypt {
 }
 $undata = $self->_file_crypt('decrypt', $key, $data);
 }
+ return $undata;
+}
+
+# Given a string decrypt it. If the string is not encrypted then the
+# input string string will match the decrypted string and the string
+# will be encrypted and stored to disk.
+sub file_decrypt {
+ my ($self, $data, $user, $host, $time) = @_;
+ my $undata = $self->string_decrypt($data);
 if ($undata eq $data) {
 $self->store($data, $user, $host, $time);
 }
--- a/perl/lib/Wallet/Object/Password.pm
+++ b/perl/lib/Wallet/Object/Password.pm
@@ -84,6 +84,44 @@ sub _pwd_xkcd {
 return $pass;
 }
 
+# Read the password file to disk.
+sub _read_pw_file {
+ my ($self, $path) = @_;
+ my $id = $self->{type} . ':' . $self->{name};
+
+ unless (open (FILE, '<', $path)) {
+ $self->error ("cannot get $id: object has not been stored");
+ return;
+ }
+ local $/;
+ my $data = ;
+ unless (close FILE) {
+ $self->error ("cannot get $id: $!");
+ return;
+ }
+ return $data;
+}
+
+# Write the password file to disk.
+sub _write_pw_file {
+ my ($self, $path, $data) = @_;
+ my $id = $self->{type} . ':' . $self->{name};
+
+ unless (open (FILE, '>', $path)) {
+ $self->error ("cannot open $path $!\n");
+ return 1;
+ }
+ if ($Wallet::Config::LDAP_SECRET) {
+ $data = Wallet::Object::File->file_encrypt($data);
+ }
+ print FILE $data;
+ unless (close FILE) {
+ $self->error ("cannot store $id: $!");
+ return 1;
+ }
+ return 0;
+}
+
 ##############################################################################
 # Shared methods
 ##############################################################################
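Review bot: The header comment on the renamed `string_decrypt` says only `# Given a string decrypt it.` and leaves the key source and the return value undocumented, although the hunk itself shows the key coming from `$self->_get_crypt_key()` and the decrypt path being selected by `defined (&Wallet::Config::file_crypt)`. Suggest `# Decrypt $data with this object's crypt key, via Wallet::Config::file_crypt when that hook is defined and _file_crypt otherwise, and return the result.` The sub's body runs past the end of this hunk, so the remaining branches are not visible here.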
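Review bot: The comment above the new `file_decrypt` has a doubled word, `input string string`, and states the caller contract only indirectly; suggest `# Decrypt $data via string_decrypt. If it comes back unchanged the data was stored in the clear, so re-store it so that the on-disk copy is encrypted.` The unchanged-string test on `if ($undata eq $data)` assumes string_decrypt hands back its input for unencrypted data rather than undef or garbage, which this hunk cannot show; if `_file_crypt` can return undef on malformed input, the `eq` warns, the compare is false, and the clear-text copy is never re-stored. The rest of file_decrypt, including what it returns, lies outside the hunk.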
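Review bot: Both new helpers use the bareword package handle `FILE` (`open (FILE, '<', $path)` and `open (FILE, '>', $path)`), a global shared by every caller in the package that would be clobbered if the two ever nest; a lexical handle, `open (my $fh, '<', $path)`, `my $data = <$fh>;`, `close $fh`, avoids that and also restores the readline target that renders as `my $data = ;` here. The open-failure message in `_write_pw_file`, `cannot open $path $!\n`, differs from the `cannot store $id: $!` form used a few lines below for close and is the only message in these helpers that does not name the object; `cannot store $id: $!` would be consistent. Since `_write_pw_file` now owns every write of the password file, it is also the natural place to set the file's mode explicitly rather than relying on the process umask, which the moved code never did. The comment on `_read_pw_file` should read `# Read the password file from disk.`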
@@ -135,34 +173,25 @@ sub retrieve {
 }
 return;
 }
- unless (open (FILE, '>', $path)) {
- $self->error ("cannot open $path $!\n");
+ if ($self->_write_pw_file($path, $pass)) {
 return;
 }
- if ($Wallet::Config::LDAP_SECRET) {
- $pass = Wallet::Object::File->file_encrypt($pass);
- }
- print FILE $pass;
 $self->log_action ('store', $user, $host, $time);
- unless (close FILE) {
- $self->error ("cannot get $id: $!");
- return;
- }
 }
- unless (open (FILE, '<', $path)) {
- $self->error ("cannot get $id: object has not been stored");
- return;
- }
- local $/;
- my $data = ;
- unless (close FILE) {
- $self->error ("cannot get $id: $!");
+ my $data = $self->_read_pw_file($path);
+ if (!$data) {
 return;
 }
 $self->log_action ($operation, $user, $host, $time);
 if ($Wallet::Config::LDAP_SECRET) {
- $data = Wallet::Object::File->file_decrypt($data);
+ my $undata = Wallet::Object::File->string_decrypt($data);
+ if ($undata eq $data) {
+ my $endata = Wallet::Object::File->file_encrypt($data);
+ $self->_write_pw_file($path, $endata);
+ $self->log_action ($operation, $user, $host, $time);
+ }
+ $data = $undata;
 }
 return $data;
 }
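Review bot: In the `LDAP_SECRET` branch of retrieve, `$endata` is already the output of `file_encrypt`, and `_write_pw_file` encrypts its argument again whenever `$Wallet::Config::LDAP_SECRET` is set, so a password found in the clear is written back doubly encrypted and the next retrieve's single `string_decrypt` will presumably hand back ciphertext rather than the password; pass the plaintext instead, `$self->_write_pw_file($path, $data);`, and drop the `my $endata` line. The return value of that write is also ignored, unlike the store path at the top of the hunk, so a failed re-encryption is neither reported nor distinguishable from a successful one. `if (!$data)` treats a password of `0` or an empty file as a read failure; since `_read_pw_file` signals failure with a bare `return`, `unless (defined $data)` is the intended test. Logging the re-encryption as `$operation` a second time also looks unintended; a `'store'` entry would match what the top of the hunk logs for writes.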