diff --git a/features/developer_portal/buyer_password_reset.feature b/features/developer_portal/buyer_password_reset.feature
new file mode 100644
index 0000000000..2d454f3032
--- /dev/null
+++ b/features/developer_portal/buyer_password_reset.feature
@@ -0,0 +1,15 @@
+Feature: Buyer signup
+ I want to reset my password as a buyer
+
+ Background:
+ Given a provider exists
+ And master has a application plan "enterprise"
+ And the provider account allows signups
+
+ @recaptcha
+ Scenario: Spam protection detects suspicious behavior
+ Given the provider has spam protection set to suspicious only
+ When the buyer wants to reset their password
+ Then 15 seconds pass
+ Then the buyer doesn't need to pass the captcha after reset password form is filled wrong
+ But the buyer will need to pass the captcha after reset password form is filled in too quickly
diff --git a/features/step_definitions/capcha_steps.rb b/features/step_definitions/capcha_steps.rb
index 1a1a89c06a..2a0cb1daf4 100644
--- a/features/step_definitions/capcha_steps.rb
+++ b/features/step_definitions/capcha_steps.rb
@@ -3,7 +3,7 @@ RECAPTCHA_SCRIPT = 'script[src^="https://www.google.com/recaptcha/api.js"]'
 Then /^I should not see the captcha$/ do
- page.should_not have_selector(RECAPTCHA_SCRIPT)
+ page.should_not have_selector(RECAPTCHA_SCRIPT, visible: false)
 end
 Then /^I should see the captcha$/ do
diff --git a/features/step_definitions/password_steps.rb b/features/step_definitions/password_steps.rb
index 065a23d7d1..90deae8297 100644
--- a/features/step_definitions/password_steps.rb
+++ b/features/step_definitions/password_steps.rb
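Review bot: The feature header reads `Feature: Buyer signup`, but the file is buyer_password_reset.feature and its only scenario exercises the password reset form, so the title looks copied from the signup feature. `Feature: Buyer password reset` would keep test reports and searches accurate. The step after `Then 15 seconds pass` also opens with `Then`; `And the buyer doesn't need to pass the captcha ...` reads better there.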
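Review bot: Nothing next to the assertion in 'I should not see the captcha' records why `visible: false` is needed. Capybara's default visibility filter skips `<script>` elements, so without the option this negative check passes whether or not the reCAPTCHA script is on the page. A one-line comment such as `# script tags are never visible to Capybara, so match hidden nodes too` would stop the option being removed later as noise. The body of 'I should see the captcha' lies outside this hunk and should be checked for the same option.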
@@ -37,3 +37,22 @@ def visit_url_in_email(email, subject)
 Then 'I should see the password confirmation error' do
 %q{I should see error "doesn't match Password" for field "Password confirmation"}
 end
+
+When "the buyer wants to reset their password" do
+ step 'the current domain is foo.3scale.localhost'
+ step 'I go to the login page'
+ step 'I follow "Forgot password?"'
+end
+
+Then "the buyer doesn't need to pass the captcha after reset password form is filled wrong" do
+ fill_in("Email", with: "Invalid email")
+ click_on "Send instructions"
+ page.should_not have_selector(RECAPTCHA_SCRIPT, visible: false)
+end
+
+Then "the buyer will need to pass the captcha after reset password form is filled in too quickly" do
+ find('ol').find('#account_confirmation').set(1)
+ fill_in("Email", with: "zed@3scale.localhost")
+ click_on "Send instructions"
+ page.should have_selector(RECAPTCHA_SCRIPT, visible: false)
+end
diff --git a/lib/developer_portal/app/controllers/developer_portal/admin/account/passwords_controller.rb b/lib/developer_portal/app/controllers/developer_portal/admin/account/passwords_controller.rb
index e8e8d2679b..0c23f609b2 100644
--- a/lib/developer_portal/app/controllers/developer_portal/admin/account/passwords_controller.rb
+++ b/lib/developer_portal/app/controllers/developer_portal/admin/account/passwords_controller.rb
@@ -46,13 +46,20 @@ def redirect_to_request_password(error_message)
 end
 def buyer
- @buyer ||= @provider.buyers.build
+ @buyer ||= @provider.buyers.build do |account|
+ # We need to get all the account params to run the spam check
+ account.unflattened_attributes = account_params
+ end
 end
 def password_params
 params.require(:user).permit(:password, :password_confirmation)
 end
+ def account_params
+ params.fetch(:account, {})
+ end
+
 def find_user
 @token = params[:password_reset_token]
 @user = @provider.buyer_users.find_with_valid_password_token(@token)
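Review bot: The step "the buyer will need to pass the captcha after reset password form is filled in too quickly" does not exercise timing; it sets `#account_confirmation` to 1, which looks like a hidden honeypot field, so the step name and the behaviour it triggers disagree. Either rename the step or add a comment such as `# tick the honeypot field so the spam check flags this submission` (if that is what the field is). Both new Then steps also repeat the `have_selector(RECAPTCHA_SCRIPT, visible: false)` assertion; calling `step 'I should not see the captcha'` would keep the selector logic in capcha_steps.rb. The same goes for the positive step, provided it also matches hidden nodes.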
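Review bot: `account_params` returns `params.fetch(:account, {})` with no `permit` list, so every key a client posts under `account` is handed to `account.unflattened_attributes=` inside `buyer`. The record is only built here, not saved, and the setter's own filtering is not visible in this hunk. A password-reset form is presumably reachable without a session, though, so the input should be narrowed to what the spam check reads: `params.fetch(:account, {}).permit(<fields the spam check reads>)`. A controller test that posts unexpected `account` keys would pin whichever behaviour is intended. `find_user` continues past the end of the hunk.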