diff --git a/app/controllers/my_controller.rb b/app/controllers/my_controller.rb
index 8ef263e..982541d 100644
--- a/app/controllers/my_controller.rb
+++ b/app/controllers/my_controller.rb
@@ -102,7 +102,7 @@ class MyController < ApplicationController
         if @user.save
           # Reset the session creation time to not log out this session on next
           # request due to ApplicationController#force_logout_if_password_changed
-          session[:ctime] = Time.now.utc.to_i
+          session[:ctime] = User.current.passwd_changed_on.utc.to_i
           flash[:notice] = l(:notice_account_password_updated)
           redirect_to my_account_path
         end
diff --git a/app/models/user.rb b/app/models/user.rb
index 2175d06..8811a65 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -314,7 +314,7 @@ class User < Principal
   def salt_password(clear_password)
     self.salt = User.generate_salt
     self.hashed_password = User.hash_password("#{salt}#{User.hash_password clear_password}")
-    self.passwd_changed_on = Time.now
+    self.passwd_changed_on = Time.now.change(:usec => 0)
   end
 
   # Does the backend storage allow this user to change their password?