diff --git a/qa/qa/ce/strategy.rb b/qa/qa/ce/strategy.rb
index 0bd5856da20e07d825a181396ed05b8a66096670..9b10b17e1a440aef222324ae235afed9f87fb76c 100644
--- a/qa/qa/ce/strategy.rb
+++ b/qa/qa/ce/strategy.rb
@@ -51,7 +51,13 @@ def initialize_admin_api_client!
           )
 
           Runtime::Browser.visit(:gitlab, Page::Main::Login)
-          Page::Main::Login.perform(&:sign_in_using_admin_credentials)
+          Page::Main::Login.perform do |login|
+            admin_user = Runtime::User::Store.admin_user
+            login.sign_in_using_credentials(user: admin_user)
+          rescue Runtime::User::ExpiredPasswordError
+            login.set_up_new_password(user: admin_user)
+          end
+
           Page::Main::Menu.perform(&:sign_out_if_signed_in)
 
           Runtime::User::Store.initialize_admin_api_client # re-initialize admin client after password reset
diff --git a/qa/qa/page/main/login.rb b/qa/qa/page/main/login.rb
index 2b3bf307fb1876d35cfe69fde530a87cd4a030cd..d1e16ffe1d3a8e992eb3efbfc6ddce527c9d7507 100644
--- a/qa/qa/page/main/login.rb
+++ b/qa/qa/page/main/login.rb
@@ -81,8 +81,6 @@ def sign_in_using_credentials(user: nil, skip_page_validation: false, raise_on_i
                 raise_on_invalid_login: raise_on_invalid_login
               )
             end
-
-            set_up_new_password_if_required(user: test_user, skip_page_validation: skip_page_validation)
           end
         end
 
@@ -92,8 +90,6 @@ def sign_in_using_admin_credentials
             sign_in_using_gitlab_credentials(user: admin_user)
           end
 
-          set_up_new_password_if_required(user: admin_user, skip_page_validation: false)
-
           Page::Main::Menu.perform(&:has_personal_area?)
         end
 
@@ -194,23 +190,15 @@ def redirect_to_login_page(address)
           Runtime::Browser.visit(address, Page::Main::Login)
         end
 
-        private
-
-        # Handle request for password change
-        # Happens on clean GDK installations when seeded root admin password is expired
-        #
-        def set_up_new_password_if_required(user:, skip_page_validation:)
-          Support::WaitForRequests.wait_for_requests
-          return unless has_content?('Update password for', wait: 1)
-
+        def set_up_new_password(user:)
           Profile::Password.perform do |new_password_page|
             password = user.password
             new_password_page.set_new_password(password, password)
           end
-
-          sign_in_using_credentials(user: user, skip_page_validation: skip_page_validation)
         end
 
+        private
+
         def sign_in_using_gitlab_credentials(user:, skip_page_validation: false, raise_on_invalid_login: true)
           wait_if_retry_later
 
@@ -233,7 +221,9 @@ def sign_in_using_gitlab_credentials(user:, skip_page_validation: false, raise_o
 
           # Return if new password page is shown
           # Happens on clean GDK installations when seeded root admin password is expired
-          return if has_content?('Update password for', wait: 1)
+          if has_content?('Update password for', wait: 0)
+            raise Runtime::User::ExpiredPasswordError, "Password for #{user.username} is expired and must be reset"
+          end
 
           Page::Main::Terms.perform do |terms|
             terms.accept_terms if terms.visible?