diff --git a/config/config.js b/config/config.js
index 225886777541cc9982ff072aadf539d3005e3882..a64a42262a834e99c55475d732aebd0097c41dbe 100644
--- a/config/config.js
+++ b/config/config.js
@@ -1,7 +1,7 @@
 module.exports = {
   development: {
     app: {
-      hostname: 'm4lab.hft-stuttgart.de/account/',
+      hostname: 'm4lab.hft-stuttgart.de/account',
       name: 'User Account Management',
       port: process.env.PORT || 9989
     },
diff --git a/routes/routes.js b/routes/routes.js
index 7f7598d8bfbf8d08f98e173d88a000d609a763e4..e849589e80b110592fe72751998777a1e70915cf 100644
--- a/routes/routes.js
+++ b/routes/routes.js
@@ -364,11 +364,12 @@ module.exports = function (app, config, passport) {
   });
 
   app.post('/reset/:token', function(req, res) {
+    var newPwd = req.body.inputNewPwd  
     methods.checkUserToken(req.params.token, function(err, user){
       if (user) {
         // update password
         bcrypt.genSalt(saltRounds, function(err, salt) {
-          bcrypt.hash(req.params.inputNewPwd, salt, function(err, hash) {
+          bcrypt.hash(newPwd, salt, function(err, hash) {
             methods.updatePassword(hash, user.email, function(err){
               if (err) {
                 req.flash('error', "Database error: Password cannot be modified.")