diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 8bd8934eb0..dd4ffbb4d1 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -93,6 +93,7 @@
 	<ul>
 		<li>[Fix] Correctly sort database backup file list by date on database restore page. (Bug #57385)</li>
 		<li>[Fix] Take admin's time zone settings into account when listing database backup files. (Bug #57385)</li>
+		<li>[Fix] Honor minimum and maximum password length in generated passwords as much as we can. (Bug #13181)</li>
 	</ul>
 
 	<a name="v306"></a><h3>1.ii. Changes since 3.0.6</h3>
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
index df6733d038..f9b792de20 100644
--- a/phpBB/includes/ucp/ucp_remind.php
+++ b/phpBB/includes/ucp/ucp_remind.php
@@ -77,11 +77,12 @@ class ucp_remind
 
 			$server_url = generate_board_url();
 
-			$key_len = 54 - strlen($server_url);
-			$key_len = max(6, $key_len); // we want at least 6
-			$key_len = ($config['max_pass_chars']) ? min($key_len, $config['max_pass_chars']) : $key_len; // we want at most $config['max_pass_chars']
-			$user_actkey = substr(gen_rand_string(10), 0, $key_len);
-			$user_password = gen_rand_string(8);
+			// Make password at least 8 characters long, make it longer if admin wants to.
+			// gen_rand_string() however has a limit of 12 or 13.
+			$user_password = gen_rand_string(max(8, rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));
+
+			// For the activation key a random length between 6 and 10 will do.
+			$user_actkey = gen_rand_string(rand(6, 10));
 
 			$sql = 'UPDATE ' . USERS_TABLE . "
 				SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'