diff --git a/Controller/UserController.php b/Controller/UserController.php
index c7e06ebd3..858db9d07 100644
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@@ -50,7 +50,7 @@ class UserController extends Controller
 $em = $this->getDoctrine()->getManager();
 $user->setPassword($this->get('security.password_encoder')
- ->encodePassword($user, $form['plainPassword']['password']->getData()));
+ ->encodePassword($user, $form['plainPassword']->getData()));
 $em->persist($user);
 $em->flush();
@@ -177,12 +177,14 @@ class UserController extends Controller
 */
 private function createEditPasswordForm(User $user)
 {
- return $this->createForm(UserPasswordType::class, $user, array(
- 'action' =>
- $this->generateUrl('admin_user_update_password', array('id' => $user->getId())),
- 'method' => 'PUT'
- ))
- ->add('submit', SubmitType::class, array('label' => 'Change password'))
+ return $this->createForm(UserPasswordType::class, null, array(
+ 'action' =>
+ $this->generateUrl('admin_user_update_password', array('id' => $user->getId())),
+ 'method' => 'PUT',
+ 'user' => $user
+ ))
+ ->add('submit', SubmitType::class, array('label' => 'Change password'))
+ ->remove('actual_password')
 ;
 }
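Review bot: `->remove('actual_password')` in createEditPasswordForm drops the current-password field from the admin edit form, so anyone who can reach `admin_user_update_password` can set another user's password without re-authenticating; that is only acceptable if the role requirement on that route is enforced, and the route/security configuration is not part of this hunk, so it should be confirmed. The new `'user' => $user` option has to be declared by UserPasswordType (its configureOptions is not in the diff either), otherwise form creation throws on the undefined option. Since the form is now created with `null` data instead of the entity, a short comment on the method would help the next reader, e.g. `// Admin variant: not bound to the User entity, and no current-password check is required here`.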
@@ -356,15 +358,13 @@ class UserController extends Controller
 $editForm->handleRequest($request);
 if ($editForm->isValid()) {
- $password = $editForm->getData()->getPassword();
+ $password = $editForm->get('new_password')->getData();
- // logging for debug !! WARNING print the new password !!
- $this->get('logger')->debug('update password for an user',
- array('method' => __METHOD__, 'password' => $password,
- 'user' => $user->getUsername()));
 // logging for prod
- $this->get('logger')->info('update password for an user',
- array('method' => __METHOD__, 'user' => $user->getUsername()));
+ $this->get('logger')->info('update password for an user', [
+ 'by' => $this->getUser()->getUsername(),
+ 'user' => $user->getUsername()
+ ]);
 $user->setPassword($this->get('security.password_encoder')
 ->encodePassword($user, $password));
diff --git a/Form/UserType.php b/Form/UserType.php
index cbb027c25..0b7c587d7 100644
--- a/Form/UserType.php
+++ b/Form/UserType.php
@@ -6,6 +6,11 @@ use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\FormBuilderInterface;
 use Symfony\Component\OptionsResolver\OptionsResolver;
 use Symfony\Component\Form\Extension\Core\Type\ChoiceType;
+use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
+use Symfony\Component\Validator\Constraints\Length;
+use Symfony\Component\Validator\Constraints\NotBlank;
+use Symfony\Component\Validator\Constraints\Regex;
+use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Chill\MainBundle\Form\UserPasswordType;
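Review bot: `$this->getUser()->getUsername()` in the new info log dereferences the result of getUser() without a null check; on this admin route a user should always be present, but if the firewall ever admits an anonymous request the audit line would fatal before the password is changed. A guarded form such as `'by' => $this->getUser() ? $this->getUser()->getUsername() : 'anonymous',` keeps the audit record robust. The rewritten entry also drops the `'method' => __METHOD__` key the old info log carried, which helped correlate entries; consider keeping it. Removing the debug call that wrote the plaintext password is the right fix, but log stores that received that line before this change still hold those values and should be treated as containing credentials. The enclosing action starts and ends outside the hunk.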
@@ -22,8 +27,31 @@ class UserType extends AbstractType
 ->add('email')
 ;
 if ($options['is_creation']) {
- $builder->add('plainPassword', UserPasswordType::class, array(
- 'mapped' => false
+ $builder->add('plainPassword', RepeatedType::class, array(
+ 'mapped' => false,
+ 'type' => PasswordType::class,
+ 'required' => false,
+ 'options' => array(),
+ 'first_options' => array(
+ 'label' => 'Password'
+ ),
+ 'second_options' => array(
+ 'label' => 'Repeat the password'
+ ),
+ 'invalid_message' => "The password fields must match",
+ 'constraints' => array(
+ new Length(array(
+ 'min' => 9,
+ 'minMessage' => 'The password must be greater than {{ limit }} characters'
+ )),
+ new NotBlank(),
+ new Regex(array(
+ 'pattern' => "/((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%!,;:+\"'-\/{}~=µ\(\)£]).{6,})/",
+ 'message' => "The password must contains one letter, one "
+ . "capitalized letter, one number and one special character "
+ . "as *[@#$%!,;:+\"'-/{}~=µ()£]). Other characters are allowed."
+ ))
+ )
 ));
 } else {
diff --git a/Resources/views/User/edit_password.html.twig b/Resources/views/User/edit_password.html.twig
index 70a98620c..225df795a 100644
--- a/Resources/views/User/edit_password.html.twig
+++ b/Resources/views/User/edit_password.html.twig
@@ -6,7 +6,7 @@
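Review bot: The Regex constraint's `.{6,}` tail sets a 6-character floor that contradicts the `Length` `min => 9` directly above it, and `'-\/` inside the character class is parsed as a range from `'` to `/` rather than a literal hyphen, so `*` and `.` silently count as special characters; the class also contains the multibyte characters `µ` and `£` without the `u` modifier, so they are matched byte by byte. Leaving length to the Length constraint and escaping the hyphen gives `'pattern' => "/(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%!,;:+\"'\-\/{}~=µ()£])/u",`. The `minMessage` says "greater than {{ limit }}" while `min => 9` accepts exactly 9 characters; `'minMessage' => 'The password must be at least {{ limit }} characters'` states the actual rule, and "must contains" in the Regex message should read "must contain". The enclosing method starts and ends outside this hunk.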