diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index b7abd9e525..96acab6651 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -129,6 +129,7 @@
 		<li>[Fix] Add quoting support to PM history when composing a reply. (Bug #34285)</li>
 		<li>[Fix] Use phpBB 3.1.x method for storing cached data to prevent PHP bug with our usage of var_export(). (Thanks to Techie Micheal and HoL for pointing out possible problems)</li>
 		<li>[Fix] Check users pm preferences for pm's sent to groups. (Bug #33245)</li>
+		<li>[Fix] Do not allow password reminders if u_passchg permission is not given. (Bug #14806)</li>
 
 		<li>[Change] No longer allow the direct use of MULTI_INSERT in sql_build_array. sql_multi_insert() must be used.</li>
 		<li>[Change] Display warning in ACP if config.php file is left writable.</li>
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
index 12de817099..6325bf89b6 100644
--- a/phpBB/includes/ucp/ucp_remind.php
+++ b/phpBB/includes/ucp/ucp_remind.php
@@ -36,7 +36,7 @@ class ucp_remind
 
 		if ($submit)
 		{
-			$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason
+			$sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason
 				FROM ' . USERS_TABLE . "
 				WHERE user_email = '" . $db->sql_escape($email) . "'
 					AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
@@ -66,6 +66,15 @@ class ucp_remind
 				}
 			}
 
+			// Check users permissions
+			$auth2 = new auth();
+			$auth2->acl($user_row);
+
+			if (!$auth2->acl_get('u_chgpasswd'))
+			{
+				trigger_error('NO_AUTH_PASSWORD_REMINDER');
+			}
+
 			$server_url = generate_board_url();
 
 			$key_len = 54 - strlen($server_url);
diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php
index 79026af56f..3cf8d8cce3 100644
--- a/phpBB/language/en/ucp.php
+++ b/phpBB/language/en/ucp.php
@@ -288,6 +288,7 @@ $lang = array_merge($lang, array(
 	'NO_AUTH_EDIT_MESSAGE'			=> 'You are not authorised to edit private messages.',
 	'NO_AUTH_FORWARD_MESSAGE'		=> 'You are not authorised to forward private messages.',
 	'NO_AUTH_GROUP_MESSAGE'			=> 'You are not authorised to send private messages to groups.',
+	'NO_AUTH_PASSWORD_REMINDER'		=> 'You are not authorised to request a new password.',
 	'NO_AUTH_READ_HOLD_MESSAGE'		=> 'You are not authorised to read private messages that are on hold.',
 	'NO_AUTH_READ_MESSAGE'			=> 'You are not authorised to read private messages.',
 	'NO_AUTH_READ_REMOVED_MESSAGE'	=> 'You are not able to read this message because it was removed by the author.',
