diff --git a/app/controllers/public/account_controller.rb b/app/controllers/public/account_controller.rb
index ad603e1..3852ce2 100644
--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
@@ -135,6 +135,9 @@ class AccountController < ApplicationController
       rescue User::IncorrectPassword => e
         session[:notice] = _('The supplied current password is incorrect.')
         render :action => 'change_password'
+      rescue ActiveRecord::RecordInvalid
+        session[:notice] = _("Passwords don't match!")
+        render :action => 'change_password'
       end
     else
       render :action => 'change_password'
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index af994aa..22fbe4d 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -203,6 +203,16 @@ class AccountControllerTest < ActionController::TestCase
     assert_equal users(:ze), @controller.send(:current_user)
   end
 
+  should "not change password when new password and new password confirmation don't match" do
+    login_as 'ze'
+    post :change_password, :current_password => 'test', :new_password => 'blabla', :new_password_confirmation => 'blibli'
+    assert_response :success
+    assert_template 'change_password'
+    assert !assigns(:current_user).authenticated?('blabla')
+    assert !assigns(:current_user).authenticated?('blibli')
+    assert_equal users(:ze), @controller.send(:current_user)
+  end
+
   should 'provide a "I forget my password" link at the login page' do
     get :login
     assert_tag :tag => 'a', :attributes => {
--
libgit2 0.21.2