diff --git a/password_policy.test b/password_policy.test
index 44f63e8..4baead5 100644
--- a/password_policy.test
+++ b/password_policy.test
@@ -9,11 +9,6 @@
  * Base test case class for Password Policy.
  */
 class PasswordPolicyBaseTestCase extends DrupalWebTestCase {
-  /**
-   * The password policy.
-   *
-   * @var PasswordPolicy
-   */
   protected $testPolicy;
 
   /**
@@ -83,7 +78,7 @@ class PasswordPolicyBaseTestCase extends DrupalWebTestCase {
    *   TRUE if the password passes all policy checks, FALSE otherwise.
    */
   protected function checkPolicy(PasswordPolicy $policy, $password, $account = NULL) {
-    if ($account === NULL) {
+    if ($account == NULL) {
       $account = $this->account;
     }
 
@@ -105,7 +100,7 @@ class PasswordPolicyBaseTestCase extends DrupalWebTestCase {
    *   TRUE if the account matches the policy, FALSE otherwise.
    */
   protected function matchPolicy(PasswordPolicy $policy, $account = NULL) {
-    if ($account === NULL) {
+    if ($account == NULL) {
       $account = $this->account;
     }
 
diff --git a/plugins/constraint/delay.inc b/plugins/constraint/delay.inc
index f06e4af..6059906 100644
--- a/plugins/constraint/delay.inc
+++ b/plugins/constraint/delay.inc
@@ -60,14 +60,6 @@ function password_policy_delay_constraint($password, $account, $constraint) {
     return TRUE;
   }
 
-  // If user has only system-generated password, uses one-time link
-  // and have the token in the URL, don't apply constraint.
-  $is_password_generated = variable_get('user_email_verification', TRUE) && count($account->password_history) == 1;
-  $is_one_time_login = isset($_SESSION['pass_reset_' . $account->uid], $_GET['pass-reset-token']) && $_GET['pass-reset-token'] === $_SESSION['pass_reset_' . $account->uid];
-  if ($is_password_generated && $is_one_time_login) {
-    return TRUE;
-  }
-
   $password_index = !empty($constraint->config['threshold']) ? $constraint->config['threshold'] - 1 : 0;
 
   // If password has been changed less times than allowed by threshold,