diff --git a/wp-admin/wp-admin.css b/wp-admin/wp-admin.css
index 9727eae313..18d849467b 100644
--- a/wp-admin/wp-admin.css
+++ b/wp-admin/wp-admin.css
@@ -205,7 +205,7 @@ textarea, input, select {
 	border-top-color: #999;
 }
 
-.submit, #quicktags, .editform th, #postcustomsubmit, #login form {
+.submit, #quicktags, .editform th, #postcustomsubmit {
 	text-align: right;
 }
 
diff --git a/wp-login.php b/wp-login.php
index a521089b09..92176da910 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -47,6 +47,11 @@ case 'lostpassword':
 	}
 	window.onload = focusit;
 	</script>
+	<style type="text/css">
+	#user_login, #email, #submit {
+		font-size: 1.7em;
+	}
+	</style>
 </head>
 <body>
 <div id="login">
@@ -60,11 +65,20 @@ if ($error)
 <form name="lostpass" action="wp-login.php" method="post" id="lostpass">
 <p>
 <input type="hidden" name="action" value="retrievepassword" />
-<label><?php _e('Login') ?>: <input type="text" name="user_login" id="user_login" value="" size="12" tabindex="1" /></label><br />
-<label><?php _e('E-mail') ?>: <input type="text" name="email" id="email" value="" size="12" tabindex="2" /></label><br />
+<label><?php _e('Login') ?>:<br />
+<input type="text" name="user_login" id="user_login" value="" size="20" tabindex="1" /></label></p>
+<p><label><?php _e('E-mail') ?>:<br />
+<input type="text" name="email" id="email" value="" size="25" tabindex="2" /></label><br />
 </p>
-<p class="submit"><input type="submit" name="submit" value="<?php _e('Retrieve Password'); ?> &raquo;" tabindex="3" /></p>
+<p class="submit"><input type="submit" name="submit" id="submit" value="<?php _e('Retrieve Password'); ?> &raquo;" tabindex="3" /></p>
 </form>
+<ul>
+	<li><a href="<?php bloginfo('home'); ?>" title="<?php _e('Are you lost?') ?>">&laquo; <?php _e('Back to blog') ?></a></li>
+<?php if (get_settings('users_can_register')) : ?>
+	<li><a href="<?php bloginfo('wpurl'); ?>/wp-register.php"><?php _e('Register') ?></a></li>
+<?php endif; ?>
+	<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
+</ul>
 </div>
 </body>
 </html>
@@ -72,7 +86,6 @@ if ($error)
 break;
 
 case 'retrievepassword':
-
 	$user_data = get_userdatabylogin($_POST['user_login']);
 	// redefining user_login ensures we return the right case in the email
 	$user_login = $user_data->user_login;
@@ -82,14 +95,15 @@ case 'retrievepassword':
 		die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
 
 	// Generate something random for a password... md5'ing current time with a rand salt
-	$user_pass = substr(md5(uniqid(microtime())), 0, 6);
+	$key = substr( md5( uniqid( microtime() ) ), 0, 50);
 	// now insert the new pass md5'd into the db
- 	$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$user_pass') WHERE user_login = '$user_login'");
-	$message  = __('Login') . ": $user_login\r\n";
-	$message .= __('Password') . ": $user_pass\r\n";
-	$message .= get_settings('siteurl') . '/wp-login.php';
-
-	$m = wp_mail($user_email, sprintf(__("[%s] Your login and password"), get_settings('blogname')), $message);
+ 	$wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'");
+	$message .= __("Someone has asked to reset a password for the login this site\n\n " . get_option('siteurl') ) . "\n\n";
+	$message .= __('Login') . ": $user_login\r\n\r\n";
+	$message .= __("To reset your password visit the following address, otherwise just ignore this email and nothing will happen.\n\n");
+	$message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key=$key";
+mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
+	$m = wp_mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
 
 	if ($m == false) {
 		 echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
@@ -97,14 +111,42 @@ case 'retrievepassword':
 		die();
 	} else {
 		echo '<p>' .  sprintf(__("The e-mail was sent successfully to %s's e-mail address."), $user_login) . '<br />';
-        echo  "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';
-		// send a copy of password change notification to the admin
-		wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change'), get_settings('blogname')), sprintf(__('Password Lost and Changed for user: %s'), $user_login));
+		echo  "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';
 		die();
 	}
 
 break;
 
+case 'resetpass' :
+
+	// Generate something random for a password... md5'ing current time with a rand salt
+	$key = $_GET['key'];
+	$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_activation_key = '$key'");
+	if ( !$user )
+		die( __('Sorry, that key does not appear to be valid.') );
+
+	$new_pass = md5( substr( md5( uniqid( microtime() ) ), 0, 7) );
+ 	$wpdb->query("UPDATE $wpdb->users SET user_pass = '$new_pass', user_activation_key = '' WHERE user_login = '$user->user_login'");
+	$message  = __('Login') . ": $user_login\r\n";
+	$message .= __('Password') . ": $new_pass\r\n";
+	$message .= get_settings('siteurl') . '/wp-login.php';
+
+	$m = wp_mail($user->user_email, sprintf(__("[%s] Your new password"), get_settings('blogname')), $message);
+
+	if ($m == false) {
+		 echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
+         echo  __('Possible reason: your host may have disabled the mail() function...') . "</p>";
+		die();
+	} else {
+		echo '<p>' .  sprintf(__("Your new password is in the mail."), $user_login) . '<br />';
+        echo  "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';
+		die();
+	}	
+	
+		// send a copy of password change notification to the admin
+		wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change'), get_settings('blogname')), sprintf(__('Password Lost and Changed for user: %s'), $user_login));
+break;
+
 case 'login' : 
 default:
 
@@ -158,6 +200,11 @@ default:
 	}
 	window.onload = focusit;
 	</script>
+	<style type="text/css">
+	#log, #pwd, #submit {
+		font-size: 1.7em;
+	}
+	</style>
 </head>
 <body>
 
@@ -169,10 +216,10 @@ if ( $error )
 ?>
 
 <form name="loginform" id="loginform" action="wp-login.php" method="post">
-<p><label><?php _e('Login') ?>: <input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label></p>
-<p><label><?php _e('Password') ?>: <input type="password" name="pwd" value="" size="20" tabindex="2" /></label></p>
+<p><label><?php _e('Login') ?>:<br /><input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label></p>
+<p><label><?php _e('Password') ?>:<br /> <input type="password" name="pwd" id="pwd" value="" size="20" tabindex="2" /></label></p>
 <p class="submit">
-	<input type="submit" name="submit" value="<?php _e('Login'); ?> &raquo;" tabindex="3" />
+	<input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> &raquo;" tabindex="3" />
 	<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
 </p>
 </form>
diff --git a/wp-register.php b/wp-register.php
index c455776507..c12b3b06b2 100644
--- a/wp-register.php
+++ b/wp-register.php
@@ -26,8 +26,6 @@ switch($action) {
 case 'register':
 
 	$user_login = $_POST['user_login'];
-	$pass1 = $_POST['pass1'];
-	$pass2 = $_POST['pass2'];
 	$user_email = $_POST['user_email'];
 		
 	/* checking login has been typed */
@@ -35,17 +33,6 @@ case 'register':
 		die (__('<strong>ERROR</strong>: Please enter a login.'));
 	}
 
-	/* checking the password has been typed twice */
-	if ($pass1 == '' || $pass2 == '') {
-		die (__('<strong>ERROR</strong>: Please enter your password twice.'));
-	}
-
-	/* checking the password has been typed twice the same */
-	if ($pass1 != $pass2)	{
-		die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
-	}
-	$user_nickname = $user_login;
-
 	/* checking e-mail address */
 	if ($user_email == '') {
 		die (__('<strong>ERROR</strong>: Please type your e-mail address.'));
@@ -63,17 +50,17 @@ case 'register':
 
 	$user_browser = $wpdb->escape($_SERVER['HTTP_USER_AGENT']);
 
-	$user_login = $wpdb->escape($user_login);
-	$pass1 = $wpdb->escape($pass1);
-	$user_nickname = $wpdb->escape($user_nickname);
-    $user_nicename = sanitize_title($user_nickname);
+	$user_login = $wpdb->escape( preg_replace('|a-z0-9 _.-|i', '', $user_login) );
+	$user_nickname = $user_login;
+   $user_nicename = sanitize_title($user_nickname);
 	$now = gmdate('Y-m-d H:i:s');
 	if (get_settings('new_users_can_blog') >= 1) $user_level = 1;
+	$password = substr( md5( uniqid( microtime() ) ), 0, 7);
 
 	$result = $wpdb->query("INSERT INTO $wpdb->users 
 		(user_login, user_pass, user_nickname, user_email, user_ip, user_browser, user_registered, user_level, user_idmode, user_nicename)
 	VALUES 
-		('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_browser', '$now', '$user_level', 'nickname', '$user_nicename')");
+		('$user_login', MD5('$password'), '$user_nickname', '$user_email', '$user_ip', '$user_browser', '$now', '$user_level', 'nickname', '$user_nicename')");
 	
 	if ($result == false) {
 		die (sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email')));
@@ -83,6 +70,12 @@ case 'register':
 	for ($i = 0; $i < strlen($pass1); $i = $i + 1) {
 		$stars .= '*';
 	}
+	
+	$message  = __('Login') . ": $user_login\r\n";
+	$message .= __('Password') . ": $new_pass\r\n";
+	$message .= get_settings('siteurl') . '/wp-login.php';
+	
+	wp_mail($user_email, sprintf(__("[%s] Your login information"), get_settings('blogname')), $message);
 
 	$message  = sprintf(__("New user registration on your blog %1\$s:\n\nLogin: %2\$s \n\nE-mail: %3\$s"), get_settings('blogname'), $user_login, $user_email);
 
@@ -101,7 +94,7 @@ case 'register':
 <div id="login"> 
 	<h2><?php _e('Registration Complete') ?></h2>
 	<p><?php _e('Login:') ?> <strong><?php echo $user_login; ?></strong><br />
-	<?php _e('Password:') ?> <strong><?php echo $stars; ?></strong><br />
+	<?php _e('Password:') ?> <strong>emailed to you</strong><br />
 	<?php _e('E-mail:') ?> <strong><?php echo $user_email; ?></strong></p>
 	<form action="wp-login.php" method="post" name="login">
 		<input type="hidden" name="log" value="<?php echo $user_login; ?>" />
@@ -149,21 +142,30 @@ default:
 	<title>WordPress &raquo; <?php _e('Registration Form') ?></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>" />
 	<link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
+	<style type="text/css">
+	#user_email, #user_login, #submit {
+		font-size: 1.7em;
+	}
+	</style>
 </head>
 
 <body>
 <div id="login">
-<h2><?php _e('Registration') ?></h2>
+<h1><a href="http://wordpress.org/">WordPress</a></h1>
+<h2><?php _e('Register for this blog') ?></h2>
 
-<form method="post" action="wp-register.php">
-	<input type="hidden" name="action" value="register" />
-	<label for="user_login"><?php _e('Login:') ?></label> <input type="text" name="user_login" id="user_login" size="10" maxlength="20" /><br />
-	<label for="pass1"><?php _e('Password:') ?></label> <input type="password" name="pass1" id="pass1" size="10" maxlength="100" /><br />
- 
-	<input type="password" name="pass2" size="10" maxlength="100" /><br />
-	<label for="user_email"><?php _e('E-mail') ?></label>: <input type="text" name="user_email" id="user_email" size="15" maxlength="100" /><br />
-	<input type="submit" value="<?php _e('OK') ?>" class="search" name="submit" />
+<form method="post" action="wp-register.php" id="registerform">
+	<p><input type="hidden" name="action" value="register" />
+	<label for="user_login"><?php _e('Login:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" /><br /></p>
+	<p><label for="user_email"><?php _e('E-mail') ?></label>:<br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" /></p>
+	<p>A password will be emailed to you.</p>
+	<p class="submit"><input type="submit" value="<?php _e('Register') ?> &raquo;" id="submit" name="submit" /></p>
 </form>
+<ul>
+	<li><a href="<?php bloginfo('home'); ?>" title="<?php _e('Are you lost?') ?>">&laquo; <?php _e('Back to blog') ?></a></li>
+	<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
+	<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
+</ul>
 </div>
 
 </body>