diff --git a/core/modules/user/src/Controller/UserController.php b/core/modules/user/src/Controller/UserController.php
index 058cd02..8b22c90 100644
--- a/core/modules/user/src/Controller/UserController.php
+++ b/core/modules/user/src/Controller/UserController.php
@@ -76,16 +76,13 @@ public static function create(ContainerInterface $container) {
 public function resetPass($uid, $timestamp, $hash) {
 $account = $this->currentUser();
 $config = $this->config('user.settings');
- // When processing the one-time login link, we have to make sure that a user
- // isn't already logged in.
+
 if ($account->isAuthenticated()) {
 // The current user is already logged in.
 if ($account->id() == $uid) {
- // The user is already logged in, but is shown a message inviting them to
- // change their password, since that may be their intent. Let the user's
- // password be changed without the current password check, as even though
- // they are logged in, they may not know it.
- // See https://drupal.org/node/889772 for background.
+ // Add a session token to the link to let the user change their password
+ // without having to enter their current password, since they may not
+ // know it.
 $token = Crypt::randomBytesBase64(55);
 $_SESSION['pass_reset_' . $account->id()] = $token;
 drupal_set_message(t('You are logged in as %user. Change your password.', array(
diff --git a/core/modules/user/src/Form/UserPasswordForm.php b/core/modules/user/src/Form/UserPasswordForm.php
index 378f8f3..dd99192 100644
--- a/core/modules/user/src/Form/UserPasswordForm.php
+++ b/core/modules/user/src/Form/UserPasswordForm.php
@@ -92,7 +92,7 @@ public function buildForm(array $form, FormStateInterface $form_state) {
 $form['name']['#value'] = $user->getEmail();
 $form['mail'] = array(
 '#prefix' => '
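Review bot: In `resetPass()` in UserController.php, the same-user branch writes the `pass_reset_` session token before any line visible in this hunk looks at `$timestamp` or `$hash`, and the rewritten comment drops both the statement that this skips the current-password check and the pointer to the background issue. The branch continues outside the hunk, so validation may happen later or at the route level; if it does not, any authenticated session for the account can get the token simply by requesting the reset route, which removes the protection the current-password field gives against a borrowed or stolen session. I would check the hash and expiry before the `$_SESSION['pass_reset_' . $account->id()] = $token;` line and compare the hash in constant time. At minimum the comment should keep the rationale, for example `// Security: this token replaces the current-password check; $timestamp and $hash are not verified on this branch.`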
',
- '#markup' => $this->t('Password reset instructions will be mailed to %email. You must log out to use the password reset link in the email.', array('%email' => $user->getEmail())),
+ '#markup' => $this->t('Password reset instructions will be mailed to %email.', array('%email' => $user->getEmail())),
 '#suffix' => '
',
 );
 }