diff --git a/prlp.module b/prlp.module
index 015c482..b624aad 100644
--- a/prlp.module
+++ b/prlp.module
@@ -28,5 +28,5 @@ function prlp_form_user_pass_reset_submit(&$form, FormStateInterface $form_state
   $account = $form_state->getBuildInfo()['args'][0];
   $account->setPassword($form_state->getValue('pass'));
   $account->save();
-  drupal_set_message(t('Your new password has been saved.'));
+  \Drupal::messenger()->addStatus(t('Your new password has been saved.'));
 }
diff --git a/src/Controller/PrlpController.php b/src/Controller/PrlpController.php
index de453f5..365c760 100644
--- a/src/Controller/PrlpController.php
+++ b/src/Controller/PrlpController.php
@@ -49,7 +49,7 @@ class PrlpController extends UserController {
       $timeout = $this->config('user.settings')->get('password_reset_timeout');
       // No time out for first time login.
       if (($user->getLastLoginTime() && $user->getLastLoginTime() > $timestamp) || $current - $timestamp > $timeout) {
-        drupal_set_message($this->t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'), 'error');
+        \Drupal::messenger()->addError($this->t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'));
         return $this->redirect('user.pass');
       }
       $expiration_date = $user->getLastLoginTime() ? $this->dateFormatter->format($timestamp + $timeout) : NULL;
@@ -72,13 +72,13 @@ class PrlpController extends UserController {
     $timeout = $this->config('user.settings')->get('password_reset_timeout');
     // No time out for first time login.
     if ($user->getLastLoginTime() && $current - $timestamp > $timeout) {
-      drupal_set_message($this->t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'), 'error');
+      \Drupal::messenger()->addError($this->t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'));
       return $this->redirect('user.pass');
     }
     elseif ($user->isAuthenticated() && ($timestamp >= $user->getLastLoginTime()) && ($timestamp <= $current)) {
       user_login_finalize($user);
       $this->logger->notice('User %name used one-time login link and changed his password at time %timestamp.', ['%name' => $user->getDisplayName(), '%timestamp' => $timestamp]);
-      drupal_set_message($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in.'));
+      \Drupal::messenger()->addStatus($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in.'));
       // Let the user's password be changed without the current password check.
       $token = Crypt::randomBytesBase64(55);
       $_SESSION['pass_reset_' . $user->id()] = $token;
@@ -96,7 +96,7 @@ class PrlpController extends UserController {
       return new RedirectResponse($login_destination);
     }
 
-    drupal_set_message($this->t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'), 'error');
+    \Drupal::messenger()->addError($this->t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'));
     return $this->redirect('user.pass');
   }
 }