diff --git a/howto/reset.user.password.md b/howto/reset.user.password.md
index 0b2ce8d5..65d4e7d6 100644
--- a/howto/reset.user.password.md
+++ b/howto/reset.user.password.md
@@ -1,6 +1,6 @@
 # Reset user password
 
-> * SSHA512 is recommended for SQL backends, don't use MD5 unless you have too.
+> * SSHA512 is recommended for SQL backends, don't use MD5 unless you have a reason.
 > * BCRYPT is recommended for SQL backens on BSD systems.
 
 With MySQL or PostgreSQL backends, you can generate a password hash with
diff --git a/html/reset.user.password.html b/html/reset.user.password.html
index 9a72aa51..11ffe614 100644
--- a/html/reset.user.password.html
+++ b/html/reset.user.password.html
@@ -13,7 +13,7 @@
     </div><h1 id="reset-user-password">Reset user password</h1>
 <blockquote>
 <ul>
-<li>SSHA512 is recommended for SQL backends, don't use MD5 unless you have too.</li>
+<li>SSHA512 is recommended for SQL backends, don't use MD5 unless you have a reason.</li>
 <li>BCRYPT is recommended for SQL backens on BSD systems.</li>
 </ul>
 </blockquote>