diff --git a/lib/modules/manager/nuget/artifacts.spec.ts b/lib/modules/manager/nuget/artifacts.spec.ts
index aa22079b096e2c8ee1e63d34eb40d9f8db5a2b94..870701c93eee767452f3a5e0da985a13718ad3aa 100644
--- a/lib/modules/manager/nuget/artifacts.spec.ts
+++ b/lib/modules/manager/nuget/artifacts.spec.ts
@@ -6,6 +6,7 @@ import type { RepoGlobalConfig } from '../../../config/types';
 import * as docker from '../../../util/exec/docker';
 import * as _hostRules from '../../../util/host-rules';
 import type { UpdateArtifactsConfig } from '../types';
+import type { Registry } from './types';
 import * as util from './util';
 import * as nuget from '.';
 
@@ -420,16 +421,23 @@ describe('modules/manager/nuget/artifacts', () => {
         name: 'myRegistry',
         url: 'https://my-registry.example.org',
       },
-    ] as never);
-    hostRules.find.mockImplementationOnce((search) => {
-      if (
-        search.hostType === 'nuget' &&
-        search.url === 'https://my-registry.example.org'
-      ) {
-        return {
-          username: 'some-username',
-          password: 'some-password',
-        };
+      {
+        name: 'myRegistry2',
+        url: 'https://my-registry2.example.org',
+      },
+    ] satisfies Registry[]);
+    hostRules.find.mockImplementation((search) => {
+      if (search.hostType === 'nuget') {
+        if (search.url === 'https://my-registry.example.org') {
+          return {
+            username: 'some-username',
+            password: 'some-password',
+          };
+        } else {
+          return {
+            password: 'some-password',
+          };
+        }
       }
       return {};
     });
@@ -455,6 +463,11 @@ describe('modules/manager/nuget/artifacts', () => {
           'dotnet nuget add source https://my-registry.example.org/ --configfile /tmp/renovate/cache/__renovate-private-cache/nuget/nuget.config ' +
           '--name myRegistry --username some-username --password some-password --store-password-in-clear-text',
       },
+      {
+        cmd:
+          'dotnet nuget add source https://my-registry2.example.org/ --configfile /tmp/renovate/cache/__renovate-private-cache/nuget/nuget.config ' +
+          '--name myRegistry2 --password some-password --store-password-in-clear-text',
+      },
       {
         cmd: 'dotnet restore project.csproj --force-evaluate --configfile /tmp/renovate/cache/__renovate-private-cache/nuget/nuget.config',
       },
diff --git a/lib/modules/manager/nuget/artifacts.ts b/lib/modules/manager/nuget/artifacts.ts
index 2d2f4e1a6af3bf5cc6538be0ed29b8a8d124ae85..4b84ca0406edacfbe7f5fb776734cc88ed73df1d 100644
--- a/lib/modules/manager/nuget/artifacts.ts
+++ b/lib/modules/manager/nuget/artifacts.ts
@@ -38,7 +38,7 @@ async function addSourceCmds(
     (await getConfiguredRegistries(packageFileName)) ?? getDefaultRegistries();
   const result: string[] = [];
   for (const registry of registries) {
-    const { username, password } = hostRules.find({
+    const { password, username } = hostRules.find({
       hostType: NugetDatasource.id,
       url: registry.url,
     });
@@ -50,9 +50,14 @@ async function addSourceCmds(
       // Add name for registry, if known.
       addSourceCmd += ` --name ${quote(registry.name)}`;
     }
-    if (username && password) {
-      // Add registry credentials from host rules, if configured.
-      addSourceCmd += ` --username ${quote(username)} --password ${quote(
+    // Add registry credentials from host rules, if configured.
+    if (username) {
+      // Add username from host rules, if configured.
+      addSourceCmd += ` --username ${quote(username)}`;
+    }
+    if (password) {
+      // Add password from host rules, if configured.
+      addSourceCmd += ` --password ${quote(
         password
       )} --store-password-in-clear-text`;
     }