diff --git a/includes/form.inc b/includes/form.inc
index 2b7e0dd..08c7cd8 100644
--- a/includes/form.inc
+++ b/includes/form.inc
@@ -1288,11 +1288,13 @@ function form_type_password_confirm_value($form, $edit = FALSE) {
 return $form['#default_value'] + array('pass1' => '', 'pass2' => '');
 }
 $value = array('pass1' => '', 'pass2' => '');
- // Throw out all invalid array keys, we only allow pass1 and pass2.
+ // Throw out all invalid array keys; we only allow pass1 and pass2.
 foreach ($value as $allowed_key => $default) {
- // Only strings are acceptable, any nested array values are ignored.
- if (isset($edit[$allowed_key]) && is_string($edit[$allowed_key])) {
- $value[$allowed_key] = $edit[$allowed_key];
+ // These should be strings, but allow other scalars since they might be
+ // valid input in programmatic form submissions. Any nested array values
+ // are ignored.
+ if (isset($edit[$allowed_key]) && is_scalar($edit[$allowed_key])) {
+ $value[$allowed_key] = (string) $edit[$allowed_key];
 }
 }
 return $value;
@@ -1335,7 +1337,9 @@ function form_type_select_value($form, $edit = FALSE) {
 */
 function form_type_textarea_value($form, $edit = FALSE) {
 if ($edit !== FALSE) {
- return is_string($edit) ? $edit : '';
+ // This should be a string, but allow other scalars since they might be
+ // valid input in programmatic form submissions.
+ return is_scalar($edit) ? (string) $edit : '';
 }
 }
@@ -1353,8 +1357,8 @@ function form_type_textarea_value($form, $edit = FALSE) {
 */
 function form_type_textfield_value($form, $edit = FALSE) {
 if ($edit !== FALSE) {
- // This should be a string, but allow other scalars since they might
- // be valid input in programmatic form submissions.
+ // This should be a string, but allow other scalars since they might be
+ // valid input in programmatic form submissions.
 if (!is_scalar($edit)) {
 $edit = '';
 }
diff --git a/modules/system/system.module b/modules/system/system.module
index 1a9e11b..26251b2 100644
--- a/modules/system/system.module
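Review bot: The loop in form_type_password_confirm_value() reads `$edit[$allowed_key]` without a visible `is_array($edit)` check, so a request that submits the element as a single scalar instead of a `pass1`/`pass2` array still reaches the offset lookup. On PHP versions older than 5.4, `isset()` on a non-numeric string offset can succeed and yield one character of the string. Extending the condition to `if (is_array($edit) && isset($edit[$allowed_key]) && is_scalar($edit[$allowed_key])) {` keeps the result at the empty defaults in that case. `is_scalar()` also admits booleans, so `TRUE` would become the password `'1'`; the comment should say whether that is intended for programmatic submissions. The top of the function is outside the hunk, so an earlier guard may already exist.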
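Review bot: The explicit `(string)` cast added to form_type_textarea_value() has no visible counterpart in form_type_textfield_value(), where the lines shown in the hunk at -1353 only replace non-scalar input with `''`. If the rest of that function (outside the hunk) returns `$edit` unchanged, an integer or boolean from a programmatic submission would reach later handlers uncast, and the password element uses the same callback. Writing the check there as `$edit = is_scalar($edit) ? (string) $edit : '';` would make the three value callbacks enforce the same rule in the same way.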
+++ b/modules/system/system.module
@@ -170,6 +170,8 @@ function system_elements() {
 $type['button'] = array('#input' => TRUE, '#name' => 'op', '#button_type' => 'submit', '#executes_submit_callback' => FALSE, '#process' => array('form_expand_ahah'));
 $type['image_button'] = array('#input' => TRUE, '#button_type' => 'submit', '#executes_submit_callback' => TRUE, '#process' => array('form_expand_ahah'), '#return_value' => TRUE, '#has_garbage_value' => TRUE, '#src' => NULL);
 $type['textfield'] = array('#input' => TRUE, '#size' => 60, '#maxlength' => 128, '#autocomplete_path' => FALSE, '#process' => array('form_expand_ahah'));
+ // Use the same value callback for password as for textfield; this ensures
+ // that we only get string values.
 $type['password'] = array('#input' => TRUE, '#size' => 60, '#maxlength' => 128, '#process' => array('form_expand_ahah'), '#value_callback' => 'form_type_textfield_value');
 $type['password_confirm'] = array('#input' => TRUE, '#process' => array('expand_password_confirm'));
 $type['textarea'] = array('#input' => TRUE, '#cols' => 60, '#rows' => 5, '#resizable' => TRUE, '#process' => array('form_expand_ahah'));
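Review bot: The comment added above `$type['password']` states the outcome ("only get string values") but not why the password element needs it, and the guarantee itself lives in form_type_textfield_value(), not in this line. I would word it as `// Use the textfield value callback for password so that array input from the request is discarded;` followed by `// any other normalization that callback applies also affects submitted passwords.` The second half matters because a later change to the textfield callback would silently change how passwords are read. system_elements() starts and ends outside the hunk.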