diff --git a/plugins/constraint/delay.inc b/plugins/constraint/delay.inc
index 600b037..a4bdd86 100644
--- a/plugins/constraint/delay.inc
+++ b/plugins/constraint/delay.inc
@@ -41,13 +41,6 @@ function password_policy_delay_constraint($password, $account, $constraint) {
 $account = $user;
 }

- // To skip the delay constraint, the user must have logged in via a
- // one-time link and have the token in the URL.
- if (isset($_SESSION['pass_reset_' . $account->uid], $_GET['pass-reset-token']) && ($_GET['pass-reset-token'] === $_SESSION['pass_reset_' . $account->uid])) {
- // Don't apply constraint on password reset.
- return TRUE;
- }
-
 // @TODO Find out why the hook_user_load is not running correctly.
 if (!isset($account->password_history)) {
 password_policy_user_load(array($account->uid => $account));
@@ -58,6 +51,14 @@ function password_policy_delay_constraint($password, $account, $constraint) {
 return TRUE;
 }

+ // If user has only system-generated password, uses one-time link
+ // and have the token in the URL, don't apply constraint.
+ $is_password_generated = variable_get('user_email_verification', TRUE) && count($account->password_history) == 1;
+ $is_one_time_login = isset($_SESSION['pass_reset_' . $account->uid], $_GET['pass-reset-token']) && $_GET['pass-reset-token'] === $_SESSION['pass_reset_' . $account->uid];
+ if ($is_password_generated && $is_one_time_login) {
+ return TRUE;
+ }
+
 // Apply constraint if most recent password change happened too recently.
 return $account->password_history[0]->created <= strtotime('-' . $constraint->config['delay']);
 }
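Review bot: `$is_password_generated` in the second hunk is a heuristic rather than a per-account fact: it combines the current site-wide `user_email_verification` setting with `count($account->password_history) == 1`, so an account whose only stored password was chosen by the user or set by an administrator (for instance, created while verification was off) would presumably still skip the delay when it arrives through a one-time link. If that is acceptable, state the assumption in the comment, e.g. `// Assumes a single history entry under e-mail verification is the system-generated password; the delay still applies after any user-initiated change.`, and compare with `=== 1`. The token check is a plain `===` on a session secret; a constant-time comparison would be the safer habit if the supported PHP versions provide one. The function begins above this hunk, so how `password_history` is populated is not visible here.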