diff --git a/helpers.lua b/helpers.lua
index 89fba97..99cfc83 100644
--- a/helpers.lua
+++ b/helpers.lua
@@ -598,26 +598,20 @@ function ensure_user_password_uses_strong_hash(ldap, user, password)
 end
 
 -- Read result of a command after given it securely the password
-function secure_cmd_password(cmd, password)
+function secure_cmd_password(cmd, password, start)
     -- Check password validity
     math.randomseed( os.time() )
     local tmp_file = "/tmp/ssowat_"..math.random()
-    local w_pwd = io.popen(string.format(cmd, tmp_file), 'w')
+    local w_pwd = io.popen("("..cmd..") tee -a "..tmp_file, 'w')
     w_pwd:write(password)
+    -- This second write is just to validate the password question
+    -- Do not remove
     w_pwd:write("")
     w_pwd:close()
     local r_pwd = io.open(tmp_file, 'r')
-    local i = 0
-    local text = ""
-    for line in io.lines(tmp_file) do
-        i = i + 1
-        if i > 4 then
-            text = text..line.."\n"
-        end
-    end
+    text = r_pwd:read "*a"
     r_pwd:close()
     os.remove(tmp_file)
-    ngx.log(ngx.STDERR, text)
     return text
 end
 
@@ -651,19 +645,11 @@ function edit_user()
                 -- and the new password against the confirmation field's content
                 if args.newpassword == args.confirm then
                     -- Check password validity
-                    local valid_result = secure_cmd_password("( python /usr/lib/moulinette/yunohost/utils/password.py 2>&1 || echo ::ERROR:: ) | tee -a %s", args.newpassword)
-                    -- We remove 4 lines due to a Warning message
-                    local i = 0
-                    local validation_error = nil
-                    local result_msg = nil
+                    local result_msg = secure_cmd_password("python /usr/lib/moulinette/yunohost/utils/password.py", args.newpassword)
+                    validation_error = true
 
-                    for line in string.gmatch(valid_result, "[^\n]+") do
-                        if i == 0 then 
-                            result_msg = line 
-                        else
-                            validation_error = line
-                        end
-                        i = i + 1
+                    if result_msg == 'password_advice' or result_msg == nil or result_msg == "" then
+                        validation_error = nil
                     end
                     if validation_error == nil then
 
@@ -883,11 +869,8 @@ end
 -- hash the user password using sha-512 and using {CRYPT} to uses linux auth system
 -- because ldap doesn't support anything stronger than sha1
 function hash_password(password)
-    -- TODO is the password checked by regex? we don't want to
-    -- allow shell injection
-    local mkpasswd  = io.popen("mkpasswd --method=sha-512 '" ..password:gsub("'", "'\\''").."'")
-    local hashed_password = "{CRYPT}"..mkpasswd:read()
-    mkpasswd:close()
+    local hashed_password = secure_cmd_password("mkpasswd --method=sha-512", password)
+    hashed_password = "{CRYPT}"..hashed_password
     return hashed_password
 end
 
@@ -901,7 +884,7 @@ function login()
     local uri_args = ngx.req.get_uri_args()
 
     args.user = string.lower(args.user)
-
+    
     local user = authenticate(args.user, args.password)
     if user then
         ngx.status = ngx.HTTP_CREATED