diff --git a/ChangeLog b/ChangeLog
index 8409644ba..e80cfa4f8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -38,6 +38,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 - bug #1831646 [table creation] Error in CREATE TABLE with multiple primary
   keys and AUTO_INCREMENT
 - [display] Division by zero when showing all records (page selector)
+- bug #1828265 [privileges] No weird characters in generated password
 
 2.11.2.1 (2007-11-11)
 - fixed possible SQL injection using database name
diff --git a/js/server_privileges.js b/js/server_privileges.js
index 95b1b873c..ac9396d86 100644
--- a/js/server_privileges.js
+++ b/js/server_privileges.js
@@ -79,7 +79,10 @@ function checkAddUser(the_form)
  * @return  boolean  always true
  */
 function suggestPassword() {
-    var pwchars = "abcdefhjmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWYXZ.,:";
+    // restrict the password to just letters and numbers to avoid problems:
+    // "editors and viewers regard the password as multiple words and
+    // things like double click no longer work"
+    var pwchars = "abcdefhjmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWYXZ";
     var passwordlength = 16;    // do we want that to be dynamic?  no, keep it simple :)
     var passwd = document.getElementById('generated_pw');
     passwd.value = '';