diff --git a/ChangeLog b/ChangeLog
index 449e33ad2..866f772c2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -81,6 +81,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 - bug #1751172 Do not export data when exporting a single VIEW
 + [lang] Swedish update, thanks to Björn T. Hallberg 
 + [lang] Russian update, thanks to Victor Volkov and the php-myadmin.ru users 
++ [privileges] Support password hashing on the Edit Privileges interface 
 
 2.10.3.0 (not yet released)
 
diff --git a/libraries/display_change_password.lib.php b/libraries/display_change_password.lib.php
new file mode 100644
index 000000000..20186af3e
--- /dev/null
+++ b/libraries/display_change_password.lib.php
@@ -0,0 +1,78 @@
+<?php
+/* vim: set expandtab sw=4 ts=4 sts=4: */
+/**
+ * Displays form for password change 
+ *
+ * @version $Id$
+ */
+
+// loic1: autocomplete feature of IE kills the "onchange" event handler and it
+//        must be replaced by the "onpropertychange" one in this case
+$chg_evt_handler = (PMA_USR_BROWSER_AGENT == 'IE' && PMA_USR_BROWSER_VER >= 5)
+                 ? 'onpropertychange'
+                 : 'onchange';
+
+$calling_script = PMA_getenv('PHP_SELF');
+
+// Displays the form
+?>
+<form method="post" action="<?php echo $calling_script; ?>" name="chgPassword" onsubmit="return checkPassword(this)">
+    <?php   echo PMA_generate_common_hidden_inputs();
+            if (strpos($calling_script, 'server_privileges') !== false) {
+                echo '<input type="hidden" name="username" value="' . htmlspecialchars($username) . '" />' . "\n"
+                   . '<input type="hidden" name="hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n";
+            }?>
+    <fieldset id="fieldset_change_password">
+        <legend><?php echo $GLOBALS['strChangePassword']; ?></legend>
+            <table class="data">
+            <tr class="odd noclick">
+                <td colspan="2">
+                    <input type="radio" name="nopass" value="1" onclick="pma_pw.value = ''; pma_pw2.value = ''; this.checked = true" />
+            <?php echo $GLOBALS['strNoPassword'] . "\n"; ?>
+                </td>
+            </tr>
+            <tr class="even noclick">
+                <td>
+                    <input type="radio" name="nopass" value="0" onclick="document.getElementById('pw_pma_pw').focus();" checked="checked " />
+            <?php echo $GLOBALS['strPassword']; ?>:&nbsp;
+                </td>
+                <td>
+                    <input type="password" name="pma_pw" id="pw_pma_pw" size="10" class="textfield" <?php echo $chg_evt_handler; ?>="nopass[1].checked = true" />
+            &nbsp;&nbsp;
+            <?php echo $GLOBALS['strReType']; ?>:&nbsp;
+                    <input type="password" name="pma_pw2" id="pw_pma_pw2" size="10" class="textfield" <?php echo $chg_evt_handler; ?>="nopass[1].checked = true" />
+                </td>
+            </tr>
+    <?php
+
+if (PMA_MYSQL_INT_VERSION >= 40102) {
+    ?>
+    <tr>
+        <td>
+        <?php echo $strPasswordHashing; ?>:
+    </td>
+    <td>
+        <input type="radio" name="pw_hash" id="radio_pw_hash_new" value="new" checked="checked" />
+        <label for="radio_pw_hash_new">
+            MySQL&nbsp;4.1+
+        </label>
+    </td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+    <td>
+        <input type="radio" name="pw_hash" id="radio_pw_hash_old" value="old" />
+        <label for="radio_pw_hash_old">
+            <?php echo $strCompatibleHashing; ?>
+        </label>
+    </td>
+    </tr>
+    <?php
+}
+    ?>
+        </table>
+    </fieldset>
+    <fieldset id="fieldset_change_password_footer" class="tblFooters">
+            <input type="submit" name="change_pw" value="<?php echo($strGo); ?>" />
+    </fieldset>
+</form>
diff --git a/server_privileges.php b/server_privileges.php
index 9efd8f1d2..d806a4413 100644
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -1092,22 +1092,28 @@ if (!empty($revokeall)) {
  * Updates the password
  */
 if (!empty($change_pw)) {
-    if ($nopass == 1) {
-        $sql_query = 'SET PASSWORD FOR \'' . $username . '\'@\'' . $hostname . '\' = \'\';';
-        PMA_DBI_query($sql_query);
-        $message = sprintf($GLOBALS['strPasswordChanged'], '\'' . $username . '\'@\'' . $hostname . '\'');
-    } elseif (empty($pma_pw) || empty($pma_pw2)) {
-        $message = $GLOBALS['strPasswordEmpty'];
-    } elseif ($pma_pw != $pma_pw2) {
-        $message = $GLOBALS['strPasswordNotSame'];
-    } else {
-        $hidden_pw = '';
-        for ($i = 0; $i < strlen($pma_pw); $i++) {
-            $hidden_pw .= '*';
+    // similar logic in user_password.php
+    $message = '';
+
+    if ($nopass == 0 && isset($pma_pw) && isset($pma_pw2)) {
+        if ($pma_pw != $pma_pw2) {
+            $message = $strPasswordNotSame;
         }
-        $local_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = PASSWORD(\'' . PMA_sqlAddslashes($pma_pw) . '\')';
-        $sql_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = PASSWORD(\'' . $hidden_pw . '\')';
-        PMA_DBI_try_query($local_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query);
+        if (empty($pma_pw) || empty($pma_pw2)) {
+            $message = $strPasswordEmpty;
+        }
+    } // end if
+
+    // here $nopass could be == 1
+    if (empty($message)) {
+
+        $hashing_function = (PMA_MYSQL_INT_VERSION >= 40102 && !empty($pw_hash) && $pw_hash == 'old' ? 'OLD_' : '')
+                      . 'PASSWORD';
+
+        // in $sql_query which will be displayed, hide the password
+        $sql_query        = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = ' . (($pma_pw == '') ? '\'\'' : $hashing_function . '(\'' . preg_replace('@.@s', '*', $pma_pw) . '\')');
+        $local_query      = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = ' . (($pma_pw == '') ? '\'\'' : $hashing_function . '(\'' . PMA_sqlAddslashes($pma_pw) . '\')');
+        PMA_DBI_try_query($local_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url);
         $message = sprintf($GLOBALS['strPasswordChanged'], '\'' . $username . '\'@\'' . $hostname . '\'');
     }
 }
@@ -1911,34 +1917,9 @@ if (empty($adduser) && (! isset($checkprivs) || ! strlen($checkprivs))) {
         }
 
         if ((! isset($dbname) || ! strlen($dbname)) && ! $user_does_not_exists) {
+            require_once './libraries/display_change_password.lib.php';
+
             echo '<form action="server_privileges.php" method="post" onsubmit="return checkPassword(this);">' . "\n"
-               . PMA_generate_common_hidden_inputs('', '', 3)
-               . '<input type="hidden" name="username" value="' . htmlspecialchars($username) . '" />' . "\n"
-               . '<input type="hidden" name="hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n"
-               . '<fieldset id="fieldset_change_password">' . "\n"
-               . '    <legend>' . $GLOBALS['strChangePassword'] . '</legend>' . "\n"
-               . '    <table class="data">' . "\n"
-               . '    <tr class="odd noclick">' . "\n"
-               . '        <td><input type="radio" name="nopass" value="1" id="radio_nopass_1" onclick="pw_pma_pw.value=\'\'; pw_pma_pw2.value=\'\';" /></td>' . "\n"
-               . '        <td colspan="2"><label for="radio_nopass_1">' . $GLOBALS['strNoPassword'] . '</label></td>' . "\n"
-               . '    </tr>' . "\n"
-               . '    <tr class="even noclick">' . "\n"
-               . '        <td><input type="radio" name="nopass" value="0" id="radio_nopass_0" onclick="document.getElementById(\'pw_pma_pw\').focus();" /></td>' . "\n"
-               . '        <td><label for="radio_nopass_0">' . $GLOBALS['strPassword'] . ':</label></td>' . "\n"
-               . '        <td><input type="password" name="pma_pw" id="pw_pma_pw" onchange="nopass[1].checked = true;" /></td>' . "\n"
-               . '    </tr>' . "\n"
-               . '    <tr class="odd noclick">' . "\n"
-               . '        <td></td>' . "\n"
-               . '        <td><label for="pw_pma_pw2">' . $GLOBALS['strReType'] . ':</label></td>' . "\n"
-               . '        <td><input type="password" name="pma_pw2" id="pw_pma_pw2" onchange="nopass[1].checked = true;" /></td>' . "\n"
-               . '    </tr>' . "\n"
-               . '    </table>' . "\n"
-               . '</fieldset>' . "\n"
-               . '<fieldset id="fieldset_change_password_footer" class="tblFooters">' . "\n"
-               . '    <input type="submit" name="change_pw" value="' . $GLOBALS['strGo'] . '" />' . "\n"
-               . '</fieldset>' . "\n"
-               . '</form>' . "\n"
-               . '<form action="server_privileges.php" method="post" onsubmit="return checkPassword(this);">' . "\n"
                . PMA_generate_common_hidden_inputs('', '', 3)
                . '<input type="hidden" name="old_username" value="' . htmlspecialchars($username) . '" />' . "\n"
                . '<input type="hidden" name="old_hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n"
diff --git a/user_password.php b/user_password.php
index ed625936e..4091ffb15 100644
--- a/user_password.php
+++ b/user_password.php
@@ -30,6 +30,7 @@ if ($cfg['Server']['auth_type'] == 'config' || !$cfg['ShowChgPassword']) {
  * and submit the query or logout
  */
 if (isset($nopass)) {
+    // similar logic in server_privileges.php
     $error_msg = '';
 
     if ($nopass == 0 && isset($pma_pw) && isset($pma_pw2)) {
@@ -96,75 +97,8 @@ if (!empty($error_msg)) {
     echo '<p><b>' . $strError . ':&nbsp;' . $error_msg . '</b></p>' . "\n";
 }
 
-// loic1: autocomplete feature of IE kills the "onchange" event handler and it
-//        must be replaced by the "onpropertychange" one in this case
-$chg_evt_handler = (PMA_USR_BROWSER_AGENT == 'IE' && PMA_USR_BROWSER_VER >= 5)
-                 ? 'onpropertychange'
-                 : 'onchange';
+require_once './libraries/display_change_password.lib.php';
 
-// Displays the form
-?>
-<form method="post" action="./user_password.php" name="chgPassword" onsubmit="return checkPassword(this)">
-    <?php echo PMA_generate_common_hidden_inputs(); ?>
-    <table border="0">
-    <tr>
-        <td colspan="2">
-            <input type="radio" name="nopass" value="1" onclick="pma_pw.value = ''; pma_pw2.value = ''; this.checked = true" />
-            <?php echo $GLOBALS['strNoPassword'] . "\n"; ?>
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <input type="radio" name="nopass" value="0" checked="checked " />
-            <?php echo $GLOBALS['strPassword']; ?>:&nbsp;
-        </td>
-        <td>
-            <input type="password" name="pma_pw" size="10" class="textfield" <?php echo $chg_evt_handler; ?>="nopass[1].checked = true" />
-            &nbsp;&nbsp;
-            <?php echo $GLOBALS['strReType']; ?>:&nbsp;
-            <input type="password" name="pma_pw2" size="10" class="textfield" <?php echo $chg_evt_handler; ?>="nopass[1].checked = true" />
-        </td>
-    </tr>
-    <?php
-
-if (PMA_MYSQL_INT_VERSION >= 40102) {
-    ?>
-    <tr>
-        <td>
-        <?php echo $strPasswordHashing; ?>:
-    </td>
-    <td>
-        <input type="radio" name="pw_hash" id="radio_pw_hash_new" value="new" checked="checked" />
-        <label for="radio_pw_hash_new">
-            MySQL&nbsp;4.1
-        </label>
-    </td>
-    </tr>
-    <tr>
-        <td>&nbsp;</td>
-    <td>
-        <input type="radio" name="pw_hash" id="radio_pw_hash_old" value="old" />
-        <label for="radio_pw_hash_old">
-            <?php echo $strCompatibleHashing; ?>
-        </label>
-    </td>
-    </tr>
-    <?php
-}
-
-    ?>
-    <tr>
-        <td colspan="2">&nbsp;</td>
-    </tr>
-    <tr>
-        <td colspan="2">
-            <input type="submit" value="<?php echo($strChange); ?>" />
-        </td>
-    </tr>
-    </table>
-</form>
-
-<?php
 /**
  * Displays the footer
  */