diff --git a/modules/user/user.pages.inc b/modules/user/user.pages.inc
index f21bd13..9c7a8fe 100644
--- a/modules/user/user.pages.inc
+++ b/modules/user/user.pages.inc
@@ -57,13 +57,20 @@ function user_pass() {
 function user_pass_validate($form, &$form_state) {
   $name = trim($form_state['values']['name']);
   // Try to load by email.
-  $users = user_load_multiple(array(), array('mail' => $name, 'status' => '1'));
+  $users = user_load_multiple(array(), array('mail' => $name));
   $account = reset($users);
   if (!$account) {
     // No success, try to load by name.
-    $users = user_load_multiple(array(), array('name' => $name, 'status' => '1'));
+    $users = user_load_multiple(array(), array('name' => $name));
     $account = reset($users);
   }
+  if ($account){
+    // Blocked accounts cannot request a new password,
+    // check provided username and email against access rules.
+    if ($account->status == 0) {
+      form_set_error('name', t('The username %name has not been activated or is blocked.', array('%name' => $name)));
+    }
+  }
   if (isset($account->uid)) {
     form_set_value(array('#parents' => array('account')), $account, $form_state);
   }
diff --git a/modules/user/user.test b/modules/user/user.test
index 07be4c2..a2757f3 100644
--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -481,6 +481,25 @@ class UserPasswordResetTestCase extends DrupalWebTestCase {
   }
 
   /**
+   * Tests password reset functionality for blocked a user.
+   */
+  function testBlockedUserPasswordReset() {
+    // Create a user.
+    $account = $this->drupalCreateUser();
+    // Load real user object.
+    $account = user_load($account->uid, TRUE);
+    $account->status = 0;
+    user_save($account);
+    $this->drupalLogin($account);
+    $this->drupalLogout();
+    // Attempt to reset password.
+    $edit = array('name' => $account->name);
+    $this->drupalPost('user/password', $edit, t('E-mail new password'));
+    // Confirm the password reset.
+    $this->assertText(t('The username %name has not been activated or is blocked.', array('%name' => $account->name)), 'Account has not been activated or is blocked message displayed.');
+  }
+
+  /**
    * Attempts login using an expired password reset link.
    */
   function testUserPasswordResetExpired() {