diff --git a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
index 24fc46f81..7ca904d15 100644
--- a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
+++ b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
@@ -53,6 +53,11 @@ public class ChangePasswordCommand implements CommandExecutor {
             return true;
         }
 
+        String lowpass = args[1].toLowerCase();
+        if ((lowpass.contains("delete") || lowpass.contains("where") || lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from") || lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null")) || !lowpass.matches(Settings.getPassRegex)) {
+            m.send(player, "password_error");
+            return true;
+        }
         try {
             String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, args[1], name);