diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java
index da005273022..29921d6fc37 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java
@@ -36,6 +36,7 @@
 import org.springframework.context.annotation.Import;
 import org.springframework.core.annotation.AnnotationAwareOrderComparator;
 import org.springframework.core.log.LogMessage;
+import org.springframework.lang.Contract;
 import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
@@ -302,6 +303,7 @@ static class LazyPasswordEncoder implements PasswordEncoder {
 		}
 
 		@Override
+		@Contract("!null -> !null; null -> null")
 		public String encode(CharSequence rawPassword) {
 			return getPasswordEncoder().encode(rawPassword);
 		}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
index efde27ad3fe..81e6c8f034d 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
@@ -30,6 +30,7 @@
 import org.springframework.core.MethodParameter;
 import org.springframework.core.ResolvableType;
 import org.springframework.core.io.support.SpringFactoriesLoader;
+import org.springframework.lang.Contract;
 import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
@@ -293,6 +294,7 @@ static class LazyPasswordEncoder implements PasswordEncoder {
 		}
 
 		@Override
+		@Contract("!null -> !null; null -> null")
 		public String encode(CharSequence rawPassword) {
 			return getPasswordEncoder().encode(rawPassword);
 		}
diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java
index 700bd47de77..2e143c8b0b2 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java
@@ -18,6 +18,7 @@
 
 import org.jspecify.annotations.Nullable;
 
+import org.springframework.lang.Contract;
 import org.springframework.util.StringUtils;
 
 /**
@@ -33,6 +34,7 @@
 public abstract class AbstractValidatingPasswordEncoder implements PasswordEncoder {
 
 	@Override
+	@Contract("!null -> !null; null -> null")
 	public final @Nullable String encode(@Nullable CharSequence rawPassword) {
 		if (rawPassword == null) {
 			return null;
diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoder.java
index 15aa875fa2b..87ffe1a11a7 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoder.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoder.java
@@ -38,7 +38,7 @@ public interface PasswordEncoder {
 	 * @return A non-null encoded password, unless the rawPassword was null in which case
 	 * the result must be null.
 	 */
-	@Contract("null -> null; !null -> !null")
+	@Contract("!null -> !null; null -> null")
 	@Nullable String encode(@Nullable CharSequence rawPassword);
 
 	/**