diff --git a/sections/login/index.php b/sections/login/index.php
index 78821168..21644647 100644
--- a/sections/login/index.php
+++ b/sections/login/index.php
@@ -45,7 +45,7 @@
if ($UserID && strtotime($Expires) > time()) {
// If the user has requested a password change, and his key has not expired
- $Validate->SetFields('password', '1', 'regex', 'You entered an invalid password. A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, contains at least a number or symbol', array('regex' => '/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
+ $Validate->SetFields('password', '1', 'regex', 'You entered an invalid password. A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, contains at least a number or symbol', array('regex' => '/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
$Validate->SetFields('verifypassword', '1', 'compare', 'Your passwords did not match.', array('comparefield' => 'password'));
if (!empty($_REQUEST['password'])) {
@@ -62,8 +62,13 @@
m.PassHash = '".db_string(Users::make_crypt_hash($_REQUEST['password']))."',
i.ResetKey = '',
i.ResetExpires = '0000-00-00 00:00:00'
- WHERE m.ID = '".db_string($UserID)."'
+ WHERE m.ID = '$UserID'
AND i.UserID = m.ID");
+ $DB->query("
+ INSERT INTO users_history_passwords
+ (UserID, ChangerIP, ChangeTime)
+ VALUES
+ ('$UserID', '$_SERVER[REMOTE_ADDR]', '".sqltime()."')");
$Reset = true; // Past tense form of "to reset", meaning that password has now been reset
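Review bot: The added `INSERT INTO users_history_passwords` interpolates `$UserID` and `$_SERVER[REMOTE_ADDR]` directly into the SQL string, and the same hunk drops `db_string()` from the `WHERE m.ID` clause, while the `PassHash` assignment just above still escapes its value. The assignment of `$UserID` lies outside this hunk, so it cannot be confirmed from here that it is always a database-derived integer. `REMOTE_ADDR` is normally set by the server, but some proxy setups overwrite it from a client-supplied forwarding header, which would make it attacker-influenced. Keeping the escaping costs nothing and stops the query depending on those assumptions: `WHERE m.ID = '".db_string($UserID)."'` and `('".db_string($UserID)."', '".db_string($_SERVER['REMOTE_ADDR'])."', '".sqltime()."')`. The enclosing `if (!empty($_REQUEST['password']))` block continues outside the hunk, so whether the UPDATE's result is checked before the history row is written is not visible here.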
diff --git a/sections/login/recover_step2.php b/sections/login/recover_step2.php
index 509c569c..21f9a3fa 100644
--- a/sections/login/recover_step2.php
+++ b/sections/login/recover_step2.php
@@ -13,7 +13,7 @@
if (!empty($Err)) {
?>
=display_str($Err)?>
- } ?> A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol.
+ } ?> A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol.
Password |
diff --git a/sections/register/index.php b/sections/register/index.php
index 0d33e82e..80696742 100644
--- a/sections/register/index.php
+++ b/sections/register/index.php
@@ -34,7 +34,7 @@
} elseif (OPEN_REGISTRATION || !empty($_REQUEST['invite'])) {
$Val->SetFields('username', true, 'regex', 'You did not enter a valid username.', array('regex' => USERNAME_REGEX));
$Val->SetFields('email', true, 'email', 'You did not enter a valid email address.');
- $Val->SetFields('password', true, 'regex', 'A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol', array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
+ $Val->SetFields('password', true, 'regex', 'A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol', array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
$Val->SetFields('confirm_password', true, 'compare', 'Your passwords do not match.', array('comparefield' => 'password'));
$Val->SetFields('readrules', true, 'checkbox', 'You did not select the box that says you will read the rules.');
$Val->SetFields('readwiki', true, 'checkbox', 'You did not select the box that says you will read the wiki.');