diff --git a/dal/views.py b/dal/views.py
index d8443df..26f82f9 100644
--- a/dal/views.py
+++ b/dal/views.py
@@ -333,7 +333,7 @@ class ResetRequest(View):
 # get the hidden value of user
 user = request.POST.get("user")
 # some checks over the supplied data
- if user == "" or not user:
+ if user == "" or not user or user != self.request.user.username:
 return render(request, 'error.html', { 'service': service, 'error': 'Something went wrong. Did you use the supplied form?' } )
 if password1 == "" or not password1 or password2 == "" or not password2:
 return render(request, 'error.html', { 'service': service, 'error': 'Please supply a password and confirm it.' } )
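Review bot: The changed `if user == "" ...` line still reads the account name from the hidden POST field and only then compares it with the session, so any later code that uses `user` keeps depending on client-supplied data. Taking it from the session instead (`user = request.user.username`) and dropping the form field would remove that dependency altogether. If the field has to stay, the condition reduces to `if not user or user != request.user.username:`, since `not user` already covers the empty string and, in a Django class-based view, `request` is the same object as `self.request`. A mismatch means the submitted form was altered, so it deserves a log entry with the session username before the generic error page is rendered. The method starts and ends outside the hunk, so whether login is enforced before this point cannot be confirmed from here.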