diff --git a/x360ce.Web/Security/Controls/CreateUser.ascx.cs b/x360ce.Web/Security/Controls/CreateUser.ascx.cs
index b2a4620b6..ed3373ee2 100644
--- a/x360ce.Web/Security/Controls/CreateUser.ascx.cs
+++ b/x360ce.Web/Security/Controls/CreateUser.ascx.cs
@@ -11,6 +11,7 @@
 using SecurityClassesDataContext = JocysCom.WebSites.Engine.Security.Data.SecurityEntities;
 using JocysCom.WebSites.Engine.Security;
 using System.Web.UI.HtmlControls;
+using System.Security.Cryptography;
 
 namespace JocysCom.Web.Security.Controls
 {
@@ -131,22 +132,22 @@ protected override void OnInit(EventArgs e)
 		}
 
 		/// <summary>
-		/// Generate easy to remember password.
+		/// Generates a pseudorandom password that cannot be predicted.
 		/// </summary>
-		/// <returns></returns>
-		public string NewPassword()
+		/// <param name="length">
+		/// 	The length of the password to be generated,
+		/// 	if left to zero - a random password-length will be generated.
+		/// </param>
+		/// <param name="charlist">A list of characters from which the password can consist of.</param>
+		/// <returns>A string representing a securely-generated password.</returns>
+		public string NewPassword(uint length = 0, string charlist = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!\"£$%^&*()_+=-{}[]:@~;'#/,.<>?\\")
 		{
-			var rnd = new Random();
-			string chars = "qwxzQWZX";
-			;
-			string volves = "aeiouyAEIOUY".Replace(chars, "");
-			string consonants = "bcdfghjklmnpqrstvwxzBCDFGHJKLMNPQRSTVWXZ".Replace(chars, "");
+			if (length == 0) {
+				length = (uint)RandomNumberGenerator.GetInt32(12, 32 + 1);
+			}
 			string password = string.Empty;
-
-			for (int i = 0; i < 8; i++)
-			{
-				string choice = (i % 2 == 0) ? consonants : volves;
-				password += choice[rnd.Next(choice.Length)].ToString();
+			for (uint i = 0; i < length; i++) {
+				password += charlist[RandomNumberGenerator.GetInt32(charlist.Length)];
 			}
 			return password;
 		}