diff --git a/lib/ansible/modules/user.py b/lib/ansible/modules/user.py
index 5ea7b24a316..e1f0edd60c7 100644
--- a/lib/ansible/modules/user.py
+++ b/lib/ansible/modules/user.py
@@ -2730,6 +2730,27 @@ class BusyBox(User):
         - modify_user()
     """
 
+    # This can probably just move out to User, it might be useful in
+    # other strategies some day.
+    def _disable_password_in_shadow_or_fail(self, username):
+        try:
+            self.backup_shadow()
+            out_lines = []
+            with open(self.SHADOWFILE, 'r') as f:
+                for line in f.readlines():
+                    components = line.split(':')
+                    if components[0] == self.name:
+                        components[1] = '*'
+                        out_lines.append(':'.join(components))
+                    else:
+                        out_lines.append(line)
+            with open(self.SHADOWFILE, 'w') as f:
+                f.writelines(out_lines)
+        except Exception as e:
+            self.module.fail_json(
+                msg="Something went wrong when trying to modify %s: %s" %
+                (self.SHADOWFILE, to_native(e)))
+
     def create_user(self):
         cmd = [self.module.get_bin_path('adduser', True)]
 
@@ -2782,12 +2803,7 @@ class BusyBox(User):
         # https://github.com/ansible/ansible/issues/68676
         # https://bugs.busybox.net/show_bug.cgi?id=10981
         if self.password is None:
-            cmd = [self.module.get_bin_path('passwd', True)]
-            cmd += ['-u', self.name]
-            rc, out, err = self.execute_command(cmd)
-
-            if rc is not None and rc != 0:
-                self.module.fail_json(name=self.name, msg=err, rc=rc)
+            self._disable_password_in_shadow_or_fail(self.name)
         else:
             cmd = [self.module.get_bin_path('chpasswd', True)]
             cmd.append('--encrypted')