diff --git a/lib/validators/password_validator.rb b/lib/validators/password_validator.rb
index a3a0fd3b5c3..ea1bdec5cb4 100644
--- a/lib/validators/password_validator.rb
+++ b/lib/validators/password_validator.rb
@@ -18,7 +18,7 @@ class PasswordValidator < ActiveModel::EachValidator
 record.errors.add(attribute, :same_as_current)
 elsif SiteSetting.block_common_passwords && CommonPasswords.common_password?(value)
 record.errors.add(attribute, :common)
- elsif value.chars.uniq.size < SiteSetting.password_unique_characters
+ elsif value.chars.inject(Hash.new(0)) { |h,char| h[char] += 1; h }.reject { |k,v| v > 1 }.size < SiteSetting.password_unique_characters
 record.errors.add(attribute, :unique_characters)
 end
 end
diff --git a/spec/components/validators/password_validator_spec.rb b/spec/components/validators/password_validator_spec.rb
index 53e4db45537..7dc1b3f4b97 100644
--- a/spec/components/validators/password_validator_spec.rb
+++ b/spec/components/validators/password_validator_spec.rb
@@ -93,19 +93,19 @@ describe PasswordValidator do
 end
 it "adds an error when there are too few unique characters" do
- @password = "cheeeeeeeese"
+ @password = "aaaaaa5432"
 validate
 expect(record.errors[:password]).to include(password_error_message(:unique_characters))
 end
 it "doesn't add an error when there are enough unique characters" do
- @password = "spooooooorts"
+ @password = "aaaaa54321"
 validate
 expect(record.errors[:password]).not_to be_present
 end
- it "counts capital letters as unique" do
- @password = "cHeEeeeeesE"
+ it "counts capital letters as different" do
+ @password = "aaaAaa5432"
 validate
 expect(record.errors[:password]).not_to be_present
 end
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index 9b735b577bc..5132422620c 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
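Review bot: In lib/validators/password_validator.rb the new `elsif` condition counts only characters that occur exactly once, so a repeated character contributes zero rather than one: a constructed example such as `aabbccddeeff` scores 0 and is rejected, and a long passphrase with naturally repeated letters can fail where a shorter string of non-repeating characters passes. If that is the intended policy, state it next to the check, e.g. `# counts characters that appear exactly once; a repeated character counts as zero`, and confirm that the `:unique_characters` message and the `password_unique_characters` setting description (neither visible here) describe the same rule. The one-liner is also hard to audit; `value.chars.group_by { |c| c }.count { |_, seen| seen.size == 1 } < SiteSetting.password_unique_characters` is equivalent and drops the unused `k` block argument. The enclosing method starts outside the hunk.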
@@ -264,11 +264,11 @@ describe UsersController do
 token = user.email_tokens.create(email: user.email).token
 get :password_reset, token: token
- put :password_reset, token: token, password: 'hg9ow8yhg98o'
- put :password_reset, token: token, password: 'test123123Asdfsdf'
+ put :password_reset, token: token, password: 'hg9ow8yHG32O'
+ put :password_reset, token: token, password: 'test123987AsdfXYZ'
 user.reload
- expect(user.confirm_password?('hg9ow8yhg98o')).to eq(true)
+ expect(user.confirm_password?('hg9ow8yHG32O')).to eq(true)
 # logged in now
 expect(user.user_auth_tokens.count).to eq(1)