diff --git a/src/internal/controller/zitadelcluster_controller.go b/src/internal/controller/zitadelcluster_controller.go
index 77c0d2c..fc2fdbe 100644
--- a/src/internal/controller/zitadelcluster_controller.go
+++ b/src/internal/controller/zitadelcluster_controller.go
@@ -457,22 +457,23 @@ func (r *ZitadelClusterReconciler) reconcileSMTPConfig(ctx context.Context, zita
 			return ctrl.Result{}, fmt.Errorf("Error getting SMTP config: %v", err)
 		}
 	}
-	if resp != nil {
+
+	if resp != nil && resp.SmtpConfig != nil {
 		adminRequest := &adm.UpdateSMTPConfigRequest{
 			SenderAddress: zitadel.Spec.SMTPConfig.SenderAddress,
 			SenderName:    zitadel.Spec.SMTPConfig.SenderName,
 			Tls:           zitadel.Spec.SMTPConfig.TLS,
 			Host:          zitadel.Spec.SMTPConfig.Host,
 			Id:            resp.SmtpConfig.Id,
+			Description:   "autogenerated by k8s-operator",
 		}
-		var password *string
 		if zitadel.Spec.SMTPConfig.User != nil && zitadel.Spec.SMTPConfig.Password != nil {
 
 			passwordSecret, err := r.RefResolver.SecretKeyRef(ctx, zitadel.Spec.SMTPConfig.Password.SecretKeyRef, zitadel.Namespace)
 			if err != nil {
 				return ctrl.Result{}, err
 			}
-			password = &passwordSecret
+			adminRequest.Password = passwordSecret
 			adminRequest.User = *zitadel.Spec.SMTPConfig.User
 		}
 		if zitadel.Spec.SMTPConfig.ReplyToAddress != nil {
@@ -485,21 +486,13 @@ func (r *ZitadelClusterReconciler) reconcileSMTPConfig(ctx context.Context, zita
 			}
 		}
 		smtpId = resp.SmtpConfig.Id
-		if password != nil {
-			if _, err = adminClient.UpdateSMTPConfigPassword(ctx, &adm.UpdateSMTPConfigPasswordRequest{
-				Password: *password,
-			}); err != nil {
-				if !strings.Contains(err.Error(), "No changes") {
-					return ctrl.Result{}, fmt.Errorf("Could not update SMTP config: %v", err)
-				}
-			}
-		}
 	} else {
 		adminRequest := &adm.AddSMTPConfigRequest{
 			SenderAddress: zitadel.Spec.SMTPConfig.SenderAddress,
 			SenderName:    zitadel.Spec.SMTPConfig.SenderName,
 			Tls:           zitadel.Spec.SMTPConfig.TLS,
 			Host:          zitadel.Spec.SMTPConfig.Host,
+			Description:   "autogenerated by k8s-operator",
 		}
 		if zitadel.Spec.SMTPConfig.User != nil && zitadel.Spec.SMTPConfig.Password != nil {
 			passwordSecret, err := r.RefResolver.SecretKeyRef(ctx, zitadel.Spec.SMTPConfig.Password.SecretKeyRef, zitadel.Namespace)