diff --git a/pom.xml b/pom.xml
index f513549707ae477db909320cf2b4d065ef5d9850..3796e2feb12a70dff5686e464c23702286ba374d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -132,6 +132,11 @@
       <version>1.2.14</version>
       <type>jar</type>
     </dependency>
+    <dependency>
+      <groupId>org.passay</groupId>
+      <artifactId>passay</artifactId>
+      <version>1.1.0</version>
+    </dependency>
     <dependency>
       <groupId>javax</groupId>
       <artifactId>javaee-web-api</artifactId>
@@ -158,11 +163,11 @@
 	<artifactId>google-api-client</artifactId>
 	<version>1.19.1</version>
 </dependency>
-  <dependency>
+  <!--dependency>
       <groupId>edu.vt.middleware</groupId>
       <artifactId>vt-password</artifactId>
       <version>3.1.2</version>
-  </dependency>
+  </dependency-->
 <dependency>
 	<groupId>commons-fileupload</groupId>
 	<artifactId>commons-fileupload</artifactId>
diff --git a/src/main/java/no/nibio/vips/logic/controller/session/UserBean.java b/src/main/java/no/nibio/vips/logic/controller/session/UserBean.java
index 4b1c09a392b05a9d9849614f72da1568c70193c0..47b04b29dc9a4bb2c194f43507df592f2ff604cf 100644
--- a/src/main/java/no/nibio/vips/logic/controller/session/UserBean.java
+++ b/src/main/java/no/nibio/vips/logic/controller/session/UserBean.java
@@ -24,20 +24,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.ibm.icu.util.Calendar;
 import com.ibm.icu.util.TimeZone;
 import com.ibm.icu.util.ULocale;
-import edu.vt.middleware.password.CharacterCharacteristicsRule;
-import edu.vt.middleware.password.CharacterRule;
-import edu.vt.middleware.password.DigitCharacterRule;
-import edu.vt.middleware.password.LengthRule;
-import edu.vt.middleware.password.LowercaseCharacterRule;
-import edu.vt.middleware.password.MessageResolver;
-import edu.vt.middleware.password.Password;
-import edu.vt.middleware.password.PasswordData;
-import edu.vt.middleware.password.PasswordGenerator;
-import edu.vt.middleware.password.PasswordValidator;
-import edu.vt.middleware.password.Rule;
-import edu.vt.middleware.password.RuleResult;
-import edu.vt.middleware.password.UppercaseCharacterRule;
-import edu.vt.middleware.password.WhitespaceRule;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.text.MessageFormat;
@@ -85,6 +72,18 @@ import no.nibio.vips.logic.util.SimpleMailSender;
 import no.nibio.vips.logic.util.StringUtils;
 import no.nibio.vips.util.MD5Encrypter;
 import no.nibio.web.forms.FormValidationException;
+import org.passay.CharacterCharacteristicsRule;
+import org.passay.CharacterRule;
+import org.passay.EnglishCharacterData;
+import org.passay.LengthRule;
+import org.passay.MessageResolver;
+import org.passay.PasswordData;
+import org.passay.PasswordGenerator;
+import org.passay.PasswordValidator;
+import org.passay.PropertiesMessageResolver;
+import org.passay.Rule;
+import org.passay.RuleResult;
+import org.passay.WhitespaceRule;
 
 /**
  * Handles user stuff, credentials
@@ -303,8 +302,8 @@ public class UserBean {
         // Try to load localized error messages
         try
         {
-            props.load(this.getClass().getResourceAsStream("/no/nibio/vips/logic/i18n/vtpassword" + propertiesFileSuffix + ".properties"));
-            MessageResolver resolver = new MessageResolver(props);
+            props.load(this.getClass().getResourceAsStream("/no/nibio/vips/logic/i18n/passay" + propertiesFileSuffix + ".properties"));
+            MessageResolver resolver = new PropertiesMessageResolver(props);
             validator = new PasswordValidator(resolver, this.getDefaultPasswordValidatorRuleList());
         }
         // Something went wrong when attempting to get localized error messages. Skip that.
@@ -313,7 +312,7 @@ public class UserBean {
             validator = new PasswordValidator(this.getDefaultPasswordValidatorRuleList());
         }
 
-        PasswordData passwordData = new PasswordData(new Password(password));
+        PasswordData passwordData = new PasswordData(password);
         RuleResult result = validator.validate(passwordData);
         if(result.isValid())
         {
@@ -395,11 +394,11 @@ public class UserBean {
     {
         List<CharacterRule> defaultCharacterRules = new ArrayList<>();
         // require at least 1 digit in passwords
-        defaultCharacterRules.add(new DigitCharacterRule(1));
+        defaultCharacterRules.add(new CharacterRule(EnglishCharacterData.Digit,1));
         // require at least 1 upper case char
-        defaultCharacterRules.add(new UppercaseCharacterRule(1));
+        defaultCharacterRules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));
         // require at least 1 lower case char
-        defaultCharacterRules.add(new LowercaseCharacterRule(1));
+        defaultCharacterRules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));
         return defaultCharacterRules;
     }
     
diff --git a/src/main/resources/no/nibio/vips/logic/i18n/vtpassword.properties b/src/main/resources/no/nibio/vips/logic/i18n/passay.properties
similarity index 60%
rename from src/main/resources/no/nibio/vips/logic/i18n/vtpassword.properties
rename to src/main/resources/no/nibio/vips/logic/i18n/passay.properties
index 90e4d0c1133b11a4aadf02b7bcd6fb20d468c7e5..5d364fe65d744c84c4282e91f515509334eb7ad6 100644
--- a/src/main/resources/no/nibio/vips/logic/i18n/vtpassword.properties
+++ b/src/main/resources/no/nibio/vips/logic/i18n/passay.properties
@@ -1,5 +1,5 @@
 #
- # Copyright (c) 2014 NIBIO <http://www.nibio.no/>. 
+ # Copyright (c) 2016 NIBIO <http://www.nibio.no/>. 
  # 
  # This file is part of VIPSLogic.
  # VIPSLogic is free software: you can redistribute it and/or modify
@@ -17,21 +17,26 @@
  # 
 
 # This (and and corresponding localized) property  file(s) 
-# Localizes the error messages given from the vt-password properties files
-# @see UserBean.isPasswordValid() and http://code.google.com/p/vt-middleware/wiki/vtpassword
+# Localizes the error messages given from the passay properties files
+# @see UserBean.isPasswordValid() and http://www.passay.org/reference/
 # for usage
 HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
 ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
 ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
-ILLEGAL_MATCH=Password matches the illegal sequence '%1$s'.
+ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
+ALLOWED_MATCH=Password must match pattern '%1$s'.
 ILLEGAL_CHAR=Password contains the illegal character '%1$s'.
+ALLOWED_CHAR=Password contains the illegal character '%1$s'.
 ILLEGAL_SEQUENCE=Password contains the illegal sequence '%1$s'.
 ILLEGAL_USERNAME=Password contains the user id '%1$s'.
 ILLEGAL_USERNAME_REVERSED=Password contains the user id '%1$s' in reverse.
 ILLEGAL_WHITESPACE=Password cannot contain whitespace characters.
-INSUFFICIENT_CHARACTERS=Password must contain at least %1$s %2$s characters.
-INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %2$s character rules, but %3$s are required.
+INSUFFICIENT_UPPERCASE=Password must contain at least %1$s uppercase characters.
+INSUFFICIENT_LOWERCASE=Password must contain at least %1$s lowercase characters.
+INSUFFICIENT_ALPHABETICAL=Password must contain at least %1$s alphabetical characters.
+INSUFFICIENT_DIGIT=Password must contain at least %1$s digit characters.
+INSUFFICIENT_SPECIAL=Password must contain at least %1$s special characters.
+INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
 SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
 TOO_LONG=Password must be no more than %2$s characters in length.
-TOO_SHORT=Password must be at least %1$s characters in length.
-
+TOO_SHORT=Password must be at least %1$s characters in length.
\ No newline at end of file
diff --git a/src/main/resources/no/nibio/vips/logic/i18n/passay_nb.properties b/src/main/resources/no/nibio/vips/logic/i18n/passay_nb.properties
new file mode 100644
index 0000000000000000000000000000000000000000..128eefb6030f3cf5a41a41857f5ac6424bf49dd1
--- /dev/null
+++ b/src/main/resources/no/nibio/vips/logic/i18n/passay_nb.properties
@@ -0,0 +1,42 @@
+#
+ # Copyright (c) 2016 NIBIO <http://www.nibio.no/>. 
+ # 
+ # This file is part of VIPSLogic.
+ # VIPSLogic is free software: you can redistribute it and/or modify
+ # it under the terms of the NIBIO Open Source License as published by 
+ # NIBIO, either version 1 of the License, or (at your option) any
+ # later version.
+ # 
+ # VIPSLogic is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ # NIBIO Open Source License for more details.
+ # 
+ # You should have received a copy of the NIBIO Open Source License
+ # along with VIPSLogic.  If not, see <http://www.nibio.no/licenses/>.
+ # 
+
+# This (and and corresponding localized) property  file(s) 
+# Localizes the error messages given from the passay properties files
+# @see UserBean.isPasswordValid() and http://www.passay.org/reference/
+# for usage
+HISTORY_VIOLATION=Passordet er det samme som %1$s tidligere passord.
+ILLEGAL_WORD=Passordet inneholder ordet '%1$s'.
+ILLEGAL_WORD_REVERSED=Passordet inneholder ordet '%1$s' baklengs.
+ILLEGAL_MATCH=Passordet matcher det ulovlige m\u00f8nsteret '%1$s'.
+ALLOWED_MATCH=Passordet m\u00e5 matche m\u00f8nsteret '%1$s'.
+ILLEGAL_CHAR=Passordet inneholder det ulovlige tegnet '%1$s'.
+ALLOWED_CHAR=Passordet inneholder det ulovlige tegnet '%1$s'.
+ILLEGAL_SEQUENCE=Passordet inneholder den ulovlige sekvensen '%1$s'.
+ILLEGAL_USERNAME=Passordet inneholder bruker-iden '%1$s'.
+ILLEGAL_USERNAME_REVERSED=Passordet inneholder bruker-iden '%1$s' baklengs.
+ILLEGAL_WHITESPACE=Passordet kan ikke inneholder mellomrom.
+INSUFFICIENT_UPPERCASE=Passordet m\u00e5 inneholdet minst %1$s STORE BOKSTAV(ER).
+INSUFFICIENT_LOWERCASE=Passordet m\u00e5 inneholde minst %1$s sm\u00e5 bokstav(er).
+INSUFFICIENT_ALPHABETICAL=Passordet m\u00e5 inneholde minst %1$s bokstav.
+INSUFFICIENT_DIGIT=Passordet m\u00e5 inneholde minst %1$s tall.
+INSUFFICIENT_SPECIAL=Passordet m\u00e5 inneholde minst %1$s spesialtegn.
+INSUFFICIENT_CHARACTERISTICS=Passordet matcher %1$s av %3$s krav, men %2$s kreves.
+SOURCE_VIOLATION=Passordet kan ikke v\u00e6re det samme som ditt %1$s-passord.
+TOO_LONG=Passordet kan ikke v\u00e6re lenger enn %2$s tegn.
+TOO_SHORT=Passordet m\u00e5 v\u00e6re minst %1$s tegn langt.
diff --git a/src/main/resources/no/nibio/vips/logic/i18n/vtpassword_nb.properties b/src/main/resources/no/nibio/vips/logic/i18n/vtpassword_nb.properties
deleted file mode 100644
index b6f38c3fc8180e82671ce084c775129f85f22036..0000000000000000000000000000000000000000
--- a/src/main/resources/no/nibio/vips/logic/i18n/vtpassword_nb.properties
+++ /dev/null
@@ -1,37 +0,0 @@
-#
- # Copyright (c) 2014 NIBIO <http://www.nibio.no/>. 
- # 
- # This file is part of VIPSLogic.
- # VIPSLogic is free software: you can redistribute it and/or modify
- # it under the terms of the NIBIO Open Source License as published by 
- # NIBIO, either version 1 of the License, or (at your option) any
- # later version.
- # 
- # VIPSLogic is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- # NIBIO Open Source License for more details.
- # 
- # You should have received a copy of the NIBIO Open Source License
- # along with VIPSLogic.  If not, see <http://www.nibio.no/licenses/>.
- # 
-
-# This (and and corresponding localized) property  file(s) 
-# Localizes the error messages given from the vt-password properties files
-# @see UserBean.isPasswordValid() and http://code.google.com/p/vt-middleware/wiki/vtpassword
-# for usage
-HISTORY_VIOLATION=Passordet er det samme som et av %1$s forrige passord.
-ILLEGAL_WORD=Passordet inneholder det ordlisteoppf\u00f8rte ordet '%1$s'.
-ILLEGAL_WORD_REVERSED=Passordet inneholder det ordlisteoppf\u00f8rte ordet '%1$s' baklengs.
-ILLEGAL_MATCH=Passordet er den ulovlige sekvensen '%1$s'.
-ILLEGAL_CHAR=Passordet inneholder det ulovlige tegnet '%1$s'.
-ILLEGAL_SEQUENCE=Passordet inneholder den ulovlige sekvensen '%1$s'.
-ILLEGAL_USERNAME=Passordet inneholder brukerid '%1$s'.
-ILLEGAL_USERNAME_REVERSED=Passordet inneholder brukerid '%1$s' baklengs.
-ILLEGAL_WHITESPACE=Passordet kan ikke inneholde blanke tegn.
-INSUFFICIENT_CHARACTERS=Passordet m\u00e5 ha minst %1$s %2$s-tegn.
-INSUFFICIENT_CHARACTERISTICS=Passordet stemmer med %1$s av %2$s tegnsettregler, men %3$s kreves.
-SOURCE_VIOLATION=Passordet kan ikke v\u00e6re det samme som ditt %1$s passord.
-TOO_LONG=Passordet kan ikke v\u00e6re lenger enn %2$s tegn.
-TOO_SHORT=Passordet m\u00e5 v\u00e6re minst %1$s tegn langt.
-