diff --git a/app/models/user.rb b/app/models/user.rb
index 1a4022c39..8e3e667ec 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -116,6 +116,7 @@ class User < Principal
 validates_format_of :password, :with => v, :message => :"must_contain_#{k}", :allow_blank => true, :if => Proc.new {Setting.password_required_char_classes.include?(k)}
 end
 validate :validate_password_length
+ validate :validate_password_complexity
 validate do
 if password_confirmation && password != password_confirmation
 errors.add(:password, :confirmation)
@@ -910,6 +911,17 @@ class User < Principal
 end
 end
+ def validate_password_complexity
+ return if password.blank? && generate_password?
+ return if password.nil?
+
+ bad_passwords = (
+ [login, firstname, lastname, mail] +
+ email_addresses.map(&:address)
+ )
+ errors.add(:password, :too_simple) if bad_passwords.any? {|p| password.casecmp?(p)}
+ end
+
 def instantiate_email_address
 email_address || build_email_address
 end
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 209e827f6..002ee3471 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -114,6 +114,7 @@ en:
 blank: "cannot be blank"
 too_long: "is too long (maximum is %{count} characters)"
 too_short: "is too short (minimum is %{count} characters)"
+ too_simple: "is too simple"
 wrong_length: "is the wrong length (should be %{count} characters)"
 taken: "has already been taken"
 not_a_number: "is not a number"
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index dde1cdd62..6245ff2e5 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
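Review bot: In `validate_password_complexity` the `bad_passwords` array can hold nil entries — nothing in the hunk guarantees that `mail` or every `email_addresses` address is non-nil (an account without an address, or a freshly built one) — and `password.casecmp?(nil)` raises TypeError on Ruby 2.4 while returning nil on 2.5+, so the validation would crash rather than pass on such a user if older Rubies are still supported. Dropping the nils is a one-line change on the closing paren: `).compact`. The method also lacks a statement of intent; I would add above `def validate_password_complexity` the comment `# Reject a password that is (case-insensitively) equal to data readable off the account itself: login, first/last name and any email address.` The two `return` guards would benefit from a short why-comment as well, e.g. `# nil: password not being changed in this save; blank + generate_password?: it will be generated later`, hedged as my reading of the guards since `generate_password?` is defined outside the hunk.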
@@ -558,6 +558,23 @@ class UserTest < ActiveSupport::TestCase
 end
 end
+ def test_validate_password_complexity
+ user = users(:users_002)
+ bad_passwords = [
+ user.login,
+ user.lastname,
+ user.firstname,
+ user.mail,
+ user.login.upcase
+ ]
+
+ bad_passwords.each do |p|
+ user.password, user.password_confirmation = p, p
+ assert_not user.save
+ assert user.errors.full_messages.include?('Password is too simple')
+ end
+ end
+
 def test_name_format
 assert_equal 'John S.', @jsmith.name(:firstname_lastinitial)
 assert_equal 'Smith, John', @jsmith.name(:lastname_comma_firstname)
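Review bot: `test_validate_password_complexity` never exercises the `email_addresses` part of the new validation — every value in `bad_passwords` comes from `login`, `firstname`, `lastname` or `mail` — and it has no positive case, so a regression that rejected every password would still pass. I would add a secondary address of the fixture user to the list (or build one on `user.email_addresses` first, if the fixture has none — I cannot see the fixtures from here) and end the test with an otherwise-valid, unrelated password followed by `assert user.save`. A one-line comment above the loop, `# each value must be rejected case-insensitively, hence the upcase variant`, would make the intent of `user.login.upcase` explicit.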