diff --git a/webadmin/newuser.php b/webadmin/newuser.php
index edfdb77e51b69885c753319380f2948cc92d1ae6..c1f1031017f049de9554765be71eed283cea5683 100755
--- a/webadmin/newuser.php
+++ b/webadmin/newuser.php
@@ -13,7 +13,7 @@ if (isset($_POST['submitnewuser'])) {
     else {
         // Don't rely on php PRNG
         $newpassword = exec("openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c 10 ; echo -n ''");
-        if ((preg_match('/^[a-z\d_]$/i', $newpassword)) && (strlen($newpassword)>9)) {
+        if (preg_match('/^[a-z\d_]{8,32}$/i', $newpassword)) {
             $new_user_file = fopen(".new_user.txt", "w") or die("Unable to write to new_user file");
             fwrite($new_user_file, $username.",".$newpassword);
             fclose($new_user_file);
diff --git a/webadmin/setupdomain.php b/webadmin/setupdomain.php
index 874d0f8e15aa3146fdd37f1ca074f3d5fb33bd6b..a237d6bed3ac6eafa53492fca725948527a5929e 100755
--- a/webadmin/setupdomain.php
+++ b/webadmin/setupdomain.php
@@ -9,7 +9,7 @@ $output_filename = "index.html";
 if (isset($_POST['setupdomain'])) {
     $install_domain = htmlspecialchars($_POST['default_domain_name']);
 
-    if ((preg_match('/[^a-z0-9\.]/', $install_domain)) && (strlen($install_domain)>4) && (strlen($install_domain)<128) {
+    if (preg_match('/^[a-z\d_\.\-]{4,128}$/i', $install_domain)) {
         $domain_file = fopen(".temp_domain.txt", "w") or die("Unable to write to domain file");
         fwrite($domain_file, $install_domain);
         fclose($domain_file);
diff --git a/webadmin/userprofile.php b/webadmin/userprofile.php
index 2675288194db9ab840a8f48db4f8be0f5f76dab3..21bbae9f3cf15bf30e6eebfd49ffcce8ef9acb15 100755
--- a/webadmin/userprofile.php
+++ b/webadmin/userprofile.php
@@ -25,13 +25,11 @@ if (isset($_POST['submitchangepassword'])) {
 
     // Don't rely on php PRNG
     $newpassword = exec("openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c 10 ; echo -n ''");
-    if ((preg_match('/^[a-z\d_]$/i', $newpassword)) && (strlen($newpassword)>9)) {
-        exec('cp password_confirm_template.html password_confirm.html');
-        exec('sed -i "s|USERNAME|'.$username.'|g" password_confirm.html');
-        exec('sed -i "s|NEWPASSWORD|'.$newpassword.'|g" password_confirm.html');
+    exec('cp password_confirm_template.html password_confirm.html');
+    exec('sed -i "s|USERNAME|'.$username.'|g" password_confirm.html');
+    exec('sed -i "s|NEWPASSWORD|'.$newpassword.'|g" password_confirm.html');
 
-        $output_filename = "password_confirm.html";
-    }
+    $output_filename = "password_confirm.html";
 }
 
 $htmlfile = fopen("$output_filename", "r") or die("Unable to open $output_filename");